Tuesday 4 October 2016

8 new Config Rules to govern the configuration of critical AWS resources

AWS Config launched 8 new managed rules that automatically evaluate the configuration of important AWS resources:

  1. IAM Password Policy: Checks whether the password policy for IAM Users meets the specified criteria. This rule codifies best practices, and you can further strengthen the policy.
  2. RDS encryption: Checks whether storage encryption is enabled for your RDS DB Instances. Optionally, you can specify the KMS Key ID that should be used.
  3. RDS Multi-AZ: Checks whether high availability is enabled for your RDS DB Instances.
  4. RDS Backup: Checks whether RDS DB Instances have backups enabled. You can also check for expected backup windows and retention policies.
  5. EBS Optimized EC2 Instances: Checks whether EBS optimization is enabled for EC2 Instance types that can be EBS optimized. This rule ensures best I/O performance for EBS volumes attached to these instances.
  6. EC2 Instance Type: Checks whether EC2 Instances are of the specified set of types. For example, all EC2 Instances must be of type t2.small or m4.large.
  7. Approved AMIs by ID: Checks whether running EC2 Instances are using the approved set of AMI IDs.
  8. Approved AMIs by Tag: Checks whether running EC2 Instances are using the set of AMIs specified by Tag key/value on these AMIs.
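The sketch below is an added example, not AWS code: it re-implements five of the checks listed above (RDS encryption, RDS Multi-AZ, RDS Backup, EC2 Instance Type, Approved AMIs by ID) over resource records shaped like the RDS and EC2 Describe* API responses. The function names, policy keys and all sample values are constructed, and treating the backup retention parameter as a minimum and non-running instances as not applicable are assumptions.

```python
# Added example: local re-implementation of five checks from the list above.
# Function names, policy keys and all sample data are constructed.

def status(ok):
    # None means the rule does not apply to this resource.
    return "NOT_APPLICABLE" if ok is None else ("COMPLIANT" if ok else "NON_COMPLIANT")

def rds_encryption(db, kms_key_id=None):
    encrypted = bool(db.get("StorageEncrypted"))
    return encrypted and (kms_key_id is None or db.get("KmsKeyId") == kms_key_id)

def rds_backup(db, min_retention_days=1):
    # BackupRetentionPeriod == 0 means automated backups are disabled.
    return db.get("BackupRetentionPeriod", 0) >= min_retention_days

def ec2_approved_ami(inst, approved_ids):
    # Assumption: the rule only covers running instances.
    running = inst["State"]["Name"] == "running"
    return inst["ImageId"] in approved_ids if running else None

def evaluate(dbs, instances, policy):
    report = {}
    for db in dbs:
        report[db["DBInstanceIdentifier"]] = {
            "RDS encryption": status(rds_encryption(db, policy.get("kms_key_id"))),
            "RDS Multi-AZ": status(bool(db.get("MultiAZ"))),
            "RDS Backup": status(rds_backup(db, policy.get("min_retention_days", 1))),
        }
    for inst in instances:
        report[inst["InstanceId"]] = {
            "EC2 Instance Type": status(inst["InstanceType"] in policy["instance_types"]),
            "Approved AMIs by ID": status(ec2_approved_ami(inst, policy["approved_amis"])),
        }
    return report

POLICY = {"kms_key_id": "key-A", "min_retention_days": 7,
          "instance_types": {"t2.small", "m4.large"}, "approved_amis": {"ami-00000001"}}
DBS = [  # constructed records
    {"DBInstanceIdentifier": "db-good", "StorageEncrypted": True, "KmsKeyId": "key-A",
     "MultiAZ": True, "BackupRetentionPeriod": 7},
    {"DBInstanceIdentifier": "db-weak", "StorageEncrypted": True, "KmsKeyId": "key-B",
     "MultiAZ": False, "BackupRetentionPeriod": 0},
]
INSTANCES = [  # constructed records
    {"InstanceId": "i-0001", "InstanceType": "t2.small", "ImageId": "ami-00000001",
     "State": {"Name": "running"}},
    {"InstanceId": "i-0002", "InstanceType": "c4.xlarge", "ImageId": "ami-0000dead",
     "State": {"Name": "stopped"}},
]
```

Note that `db-weak` is encrypted but still fails the encryption check, because the policy pins a specific KMS key; without the optional key parameter the same record passes.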


from What's New http://ift.tt/2dCFZ1a
