What is AWS Config?

• Assess, audit, evaluate resource configs
• Continuously monitor and record config data
• Create asset inventory
• Build rules to ensure compliance

Can it be used over accounts/regions

• Yes

Where does it record config logs?

• S3

How to distinguish Config from CloudTrail?

Similarities:

• Keyword “audit”
• Monitoring for AWS services
• Track / store history of changes
• Compliance and governance

Differences:

• Config reports on what has changed
• Config focuses on AWS resources, not API calls