Amazon Web Services (AWS) has now made an automated service available that continuously monitors resources in its cloud platform to ensure they are in compliance with a customer's security guidelines and best practices.
Config Rules was unveiled at Amazon's AWS re:Invent conference in October, and was offered as a preview for evaluation. AWS has now made the service fully available, although it is currently offered only from the firm's US East (Northern Virginia) region. Other regions are set to follow next year.
Config Rules is defined by AWS as a set of governance capabilities that allow administrators to define guidelines for provisioning and configuring AWS resources, which will then continuously monitor compliance with those guidelines.
"You can use these rules to verify that existing and newly launched AWS resources conform to your organisation's security guidelines and best practices without having to spend time manually inspecting them. Instead, you define rules (AWS Lambda functions) that are run when resources are created or changed," explained AWS chief evangelist Jeff Barr on the AWS Official Blog.
Config Rules lets customers choose from a set of pre-built rules based on common AWS best practices, or define their own custom rules. These could specify that Elastic Block Store volumes are encrypted, or that Elastic IP addresses are attached to instances, for example.
AWS Config Rules can continuously monitor configuration changes to an organisation's AWS resources, and provide a visual dashboard comprising lists, charts and graphs to track compliance status. An IT administrator can also quickly determine when and how a resource went out of compliance.
Customers can choose to evaluate rules each time an AWS resource changes or at regular intervals, the firm said.
Config Rules is based on the existing AWS Config service. Both are designed to help organisations assess compliance with internal policies and regulatory standards by providing visibility into the configuration of a resource at any time, and evaluating relevant configuration changes against rules that they define.
The service is also available to the AWS ecosystem of partners and developers, to enable them to provide solutions that integrate with it for resource discovery, change management, compliance or security.
"Several AWS partners are already making great use of Config Rules in production. For example, Alert Logic, CloudHealth Technologies and Trend Micro Deep Security are using Config Rules as integral parts of their respective flagship products," Barr said.
Windows 10 Chinese Government Edition completed by Microsoft
And even when IoT projects do get completed, one-third aren't considered a success
So, the Frontier Edition launches at the end of June, the Radeon RX Vega in July - and the Ryzen 3 straight after?
From accidentally selling sensitive data on eBay, to forgetting that security solutions needs to be 'on' to work, we've got the full rundown of the worst security gaffes ever