AWS Config Service Is Not Configured

Overview

WARNING: although required in many cases for compliance, Config can dramatically increase your AWS costs for an account.

AWS Config is a web service that performs configuration management of supported AWS resources within your account and delivers log files to you. The recorded information includes the configuration item (AWS resource), relationships between configuration items (AWS resources), any configuration changes between resources. It is recommended AWS Config be enabled in all regions.

The AWS configuration item history captured by AWS Config enables security analysis, resource change tracking, and compliance auditing.

Vendor

AWS

Cloud Service

Config

CIS AWS v1.5.0 3.5, Config.1

References

https://docs.aws.amazon.com/cli/latest/reference/configservice/describe-configuration-recorder-status.html

Severity

Item Types

Custom::AWS::Region

AWS::Config::ConfigurationRecorder

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​

Related Item Types​