Assess
Evaluate
Monitor
Audit
Assess
Retrieves configurations of one or more resources that exist in your account
Retrieves historical configurations of one or more resources
Produces a snapshot of the current configurations of the supported resources
that are associated with your AWS account
Evaluate
Evaluates your AWS resource configurations for desired settings
Monitor
Sends notifications whenever a resource is created, modified, or deleted
Audit
Shows relevant relationships between resources
Foundational Element of Security
Inventory and Configuration Management
• What’s currently out there
• What is the latest configuration state of my resources
• What relationships exist between my resources
• What configuration changes occurred in the last ‘X’ number of days?
• Which EC2 instances are built on top of a particular machine image?
Changing Resources → Record → Normalize → Store → Deliver
Deliver: APIs, History, Stream, Snapshot
Retrieve Configurations of one or more resources
Retrieve Historical Configurations of One or More Resources
Produce a snapshot of the current configurations of the supported resources
Evaluates your AWS resource configurations for desired settings
Sends notifications whenever a resource is created, modified or deleted
Shows relevant relationships between resources
Security, Identity & Compliance
• AWS Shield
• AWS WAF
• AWS Certificate Manager
• IAM
Management Tools
• Amazon CloudWatch
• AWS CloudFormation
• AWS CloudTrail
• AWS Service Catalog
Developer Tools
• AWS CodeBuild
• AWS CodePipeline
• AWS X-Ray
Database
• Amazon RDS
• Amazon DynamoDB
• Amazon Redshift
Networking / Content Delivery
• Amazon CloudFront
• Elastic Load Balancing*
Compute
• Auto Scaling
• Amazon EC2
• AWS Elastic Beanstalk
• AWS Lambda
Storage
• Amazon S3
• AWS CloudTrail: AWS Config integrates with AWS CloudTrail to correlate configuration changes to particular events in your account.
• Amazon EC2 Systems Manager: AWS Config integrates with AWS Systems Manager to record configuration changes to software on your Amazon EC2 instances and servers in your on-premises environment.
• Amazon EC2 Dedicated Host: Config records when instances are launched, stopped, or terminated on a Dedicated Host, and pairs this information with host and instance level information relevant to software licensing, such as Host ID, Amazon Machine Image (AMI) IDs, number of sockets and physical cores.
• Application Load Balancer: Config records changes to your ALBs and also includes relationships with associated EC2 security groups, VPCs, and subnets. You can use this information for security analysis and troubleshooting.
• AWS Organizations: You can use AWS Organizations to define the accounts to use for AWS Config’s multi-account, multi-region data aggregation capability.
Rules represent your ideal configuration settings
Use pre-built rules by AWS
Build your own rules using AWS Lambda
Invoked automatically for continual assessment
Use the dashboard for visualizing compliance and identifying offending changes
• 60+ prebuilt rules by AWS
• Custom rules by Lambda
• GitHub repo: Community Sourced Rules
For Compute there are 22 pre-defined rules available including:
• ec2-managedinstance-applications-required
• encrypted-volumes
For IAM there are 14 pre-defined rules available including:
• iam-group-has-users
• iam-user-group-membership-check
• root-account-mfa-enabled
Triggering Rules
Rules are triggered in 1 of 2 ways:
• Triggered by changes
• Triggered by time (i.e. every 3 hours)
Configuration Item
All configuration attributes for a given resource at a given point in time, captured at every configuration change.
Components of a configuration item:
• Metadata
  Description: Information about this configuration item
  Contains: Version ID, Configuration Item ID, time when the configuration item was captured, State ID indicating the ordering of the configuration items of a resource, MD5 hash, etc.
• Common Attributes
  Description: Resource attributes
  Contains: Resource ID, tags, Resource Type, ARN, Availability Zone, etc.
• Relationships
  Description: How the resource is related to other resources in the account
  Contains: EBS volume vol-1234567 is attached to instance EC2-a1b2c3d4
• Current Configuration
  Description: Information returned through a call to the Describe or List API of the resource
  Contains: e.g. for an EBS volume, the state of the Delete on Termination flag and the type of volume (for example gp2, io1 or standard)
• Related Events
  Description: The AWS CloudTrail events that are related to the current configuration item
  Contains: AWS CloudTrail ID
There is a rule development kit (RDK) from Amazon, available on GitHub, to help you get started writing custom rules:
https://github.com/awslabs/aws-config-rdk
There are also a number of predefined rules for which you can see the example code:
https://github.com/awslabs/aws-config-rules
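The custom Lambda rules and the configuration item structure described above come together in a rule handler. The following is an added example, not code from the slides or from the AWS repositories: a change-triggered custom rule that reads the configuration item of an EBS volume and reports whether it is encrypted. The rule parameter `approvedKmsKeyArn`, the sample event and the `RecordingClient` stand-in are assumptions constructed for illustration; periodic (time-triggered) invocations are not handled.

```python
import json

APPLICABLE_TYPE = "AWS::EC2::Volume"
# Item statuses for resources that no longer exist or are not recorded.
GONE_STATUSES = {"ResourceDeleted", "ResourceDeletedNotRecorded", "ResourceNotRecorded"}


def evaluate_volume(item, params):
    """Return (compliance_type, annotation) for one configuration item."""
    if item.get("resourceType") != APPLICABLE_TYPE:
        return "NOT_APPLICABLE", "Rule only covers EBS volumes."
    if item.get("configurationItemStatus") in GONE_STATUSES:
        return "NOT_APPLICABLE", "Volume was deleted or is not recorded."
    cfg = item.get("configuration") or {}  # null for deleted resources
    if not cfg.get("encrypted", False):
        return "NON_COMPLIANT", "Volume is not encrypted."
    required_key = params.get("approvedKmsKeyArn")  # hypothetical rule parameter
    if required_key and cfg.get("kmsKeyId") != required_key:
        return "NON_COMPLIANT", "Volume is encrypted with an unapproved KMS key."
    return "COMPLIANT", "Volume is encrypted."


def build_evaluation(event):
    """Turn a change-triggered invocation event into one PutEvaluations entry."""
    invoking = json.loads(event["invokingEvent"])
    params = json.loads(event.get("ruleParameters") or "{}")
    if invoking.get("messageType") != "ConfigurationItemChangeNotification":
        raise ValueError("unsupported messageType: %r" % invoking.get("messageType"))
    item = invoking["configurationItem"]
    if event.get("eventLeftScope"):
        compliance, note = "NOT_APPLICABLE", "Resource left the rule's scope."
    else:
        compliance, note = evaluate_volume(item, params)
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": note[:256],  # annotations are limited to 256 characters
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context, config_client=None):
    """Lambda entry point; config_client can be injected for offline runs."""
    if config_client is None:
        import boto3  # only needed when running inside AWS
        config_client = boto3.client("config")
    evaluation = build_evaluation(event)
    config_client.put_evaluations(Evaluations=[evaluation],
                                  ResultToken=event["resultToken"])
    return evaluation


class RecordingClient:
    """Constructed stand-in for the AWS Config client; records calls only."""

    def __init__(self):
        self.calls = []

    def put_evaluations(self, **kwargs):
        self.calls.append(kwargs)
        return {"FailedEvaluations": []}


def sample_event(encrypted, status="OK", params=None):
    """Constructed invocation event in the shape AWS Config passes to a custom rule."""
    item = {
        "resourceType": "AWS::EC2::Volume",
        "resourceId": "vol-1234567",
        "configurationItemStatus": status,
        "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z",
        "configuration": {"encrypted": encrypted, "kmsKeyId": None, "volumeType": "gp2"},
    }
    return {
        "invokingEvent": json.dumps({"messageType": "ConfigurationItemChangeNotification",
                                     "configurationItem": item}),
        "ruleParameters": json.dumps(params or {}),
        "resultToken": "constructed-token",
        "eventLeftScope": False,
    }


if __name__ == "__main__":
    client = RecordingClient()
    for enc in (True, False):
        result = lambda_handler(sample_event(enc), None, config_client=client)
        print(result["ComplianceResourceId"], result["ComplianceType"], result["Annotation"])
```
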
Aws Atlanta meetup - Understanding AWS Config

Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

AWS Atlanta meetup - Understanding AWS Config

  • 5. Assess
      • Retrieves configurations of one or more resources that exist in your account
      • Retrieves historical configurations of one or more resources
      • Produces a snapshot of the current configurations of the supported resources that are associated with your AWS account
  • 6. Evaluate: Evaluates your AWS resource configurations for desired settings
  • 7. Monitor: Sends notifications whenever a resource is created, modified, or deleted
  • 10. Foundational Element of Security: Inventory and Configuration Management
      • What's currently out there?
      • What is the latest configuration state of my resources?
      • What relationships exist between my resources?
      • What configuration changes occurred in the last 'X' number of days?
      • Which EC2 instances are built on top of a particular machine image?
  • 11. Changing Resources Record Normalize Store Deliver APIs History Stream Snapshot
  • 12.
      • Retrieve configurations of one or more resources
      • Retrieve historical configurations of one or more resources
      • Produce a snapshot of the current configurations of the supported resources
      • Evaluates your AWS resource configurations for desired settings
      • Sends notifications whenever a resource is created, modified or deleted
      • Shows relevant relationships between resources
  • 13.
      • Security, Identity & Compliance: AWS Shield, AWS WAF, AWS Certificate Manager, IAM
      • Management Tools: Amazon CloudWatch, AWS CloudFormation, AWS CloudTrail, AWS Service Catalog
      • Developer Tools: AWS CodeBuild, AWS CodePipeline, AWS X-Ray
      • Database: Amazon RDS, Amazon DynamoDB, Amazon Redshift
      • Networking / Content Delivery: Amazon CloudFront, Elastic Load Balancing*
      • Compute: Auto Scaling, Amazon EC2, AWS Elastic Beanstalk, AWS Lambda
      • Storage: Amazon S3
  • 14.
      • AWS CloudTrail: AWS Config integrates with AWS CloudTrail to correlate configuration changes to particular events in your account.
      • Amazon EC2 Systems Manager: AWS Config integrates with AWS Systems Manager to record configuration changes to software on your Amazon EC2 instances and servers in your on-premises environment.
      • Amazon EC2 Dedicated Host: Config records when instances are launched, stopped, or terminated on a Dedicated Host, and pairs this information with host and instance level information relevant to software licensing, such as Host ID, Amazon Machine Image (AMI) IDs, number of sockets and physical cores.
      • Application Load Balancer: Config records changes to your ALBs and also includes relationships with associated EC2 security groups, VPCs, and subnets. You can use this information for security analysis and troubleshooting.
      • AWS Organizations: You can use AWS Organizations to define the accounts to use for AWS Config's multi-account, multi-region data aggregation capability.
  • 15. Rules represent your ideal configuration settings
      • Use pre-built rules by AWS
      • Build your own rules using AWS Lambda
      • Invoked automatically for continual assessment
      • Use the dashboard for visualizing compliance and identifying offending changes
      • 60+ prebuilt rules by AWS
      • Custom rules by Lambda
      • GitHub repo: Community Sourced Rules
  • 16.
      • For Compute there are 22 pre-defined rules available, including: ec2-managedinstance-applications-required, encrypted-volumes
      • For IAM there are 14 pre-defined rules available, including: iam-group-has-users, iam-user-group-membership-check, root-account-mfa-enabled
  • 17. Triggering Rules. Rules are triggered in 1 of 2 ways:
      • Triggered by changes
      • Triggered by time (e.g. every 3 hours)
    Configuration Item: All configuration attributes for a given resource at a given point in time, captured at every configuration change.
  • 18. Configuration Item (Component | Description | Contains)
      • Metadata | Information about this configuration item | Version ID, Configuration Item ID, time when the configuration item was captured, State ID indicating the ordering of the configuration items of a resource, MD5 hash, etc.
      • Common Attributes | Resource attributes | Resource ID, tags, Resource Type, ARN, Availability Zone, etc.
      • Relationships | How the resource is related to other resources in the account | EBS volume vol-1234567 is attached to instance EC2-a1b2c3d4
      • Current Configuration | Information returned through a call to the Describe or List API of the resource | e.g. for an EBS volume: state of the Delete on Termination flag, type of volume (for example gp2, io1 or standard)
      • Related Events | The AWS CloudTrail events that are related to the current configuration item | AWS CloudTrail ID
  • 19. Amazon provides a rule development kit (RDK) on GitHub to help you get started writing custom rules: https://github.com/awslabs/aws-config-rdk There are also a number of predefined rules with example code you can read at https://github.com/awslabs/aws-config-rules
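
The change-triggered custom rule described on slides 15 to 19, sketched as a Lambda handler that reads the configuration item and reports compliance. This is an added example, not code from the deck, the RDK or the aws-config-rules repository; the function names, the sample event and its timestamp are constructed, and the check mirrors the encrypted-volumes rule only in spirit.

```python
import json

# Resource type this rule evaluates (same target as the managed encrypted-volumes rule).
APPLICABLE_TYPE = "AWS::EC2::Volume"

def evaluate_item(item):
    """Return (compliance_type, annotation) for one configuration item."""
    if item.get("resourceType") != APPLICABLE_TYPE:
        return "NOT_APPLICABLE", "Rule only covers EBS volumes."
    # A deleted resource has no current configuration worth judging.
    if item.get("configurationItemStatus") in ("ResourceDeleted", "ResourceDeletedNotRecorded"):
        return "NOT_APPLICABLE", "Resource was deleted."
    config = item.get("configuration") or {}
    if config.get("encrypted") is True:
        return "COMPLIANT", "Volume is encrypted."
    return "NON_COMPLIANT", "Volume is not encrypted."

def build_evaluation(event):
    """Turn the event Config sends to the rule's Lambda into one evaluation record."""
    invoking = json.loads(event["invokingEvent"])  # delivered as a JSON string
    item = invoking["configurationItem"]
    compliance, annotation = evaluate_item(item)
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": annotation,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }

def lambda_handler(event, context):
    import boto3  # present in the Lambda runtime; imported here so the logic above runs offline
    evaluation = build_evaluation(event)
    boto3.client("config").put_evaluations(
        Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation

def sample_event(encrypted, status="OK"):
    """Constructed event for local testing; values are illustrative only."""
    item = {"resourceType": "AWS::EC2::Volume", "resourceId": "vol-1234567",
            "configurationItemStatus": status,
            "configurationItemCaptureTime": "2018-01-01T00:00:00.000Z",
            "configuration": {"encrypted": encrypted, "volumeType": "gp2"}}
    return {"invokingEvent": json.dumps({"configurationItem": item}),
            "resultToken": "constructed-token"}
```

Keeping the decision in `evaluate_item` separate from the `put_evaluations` call lets the rule logic be unit-tested against recorded configuration items before it is deployed.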

Editor's Notes

  1. This comes from the AWS CAF (or Cloud Adoption Framework)
  2. This allows you to quickly get progress updates across all of your migrations, easily identify and troubleshoot any issues, and reduce the overall time and effort spent on your migration projects.
  3. Even though you access the hub console from Oregon, you can move into any region as long as the migration tool supports it.
  4. The first thing you need to do is understand what a configuration item is.
  5. The first thing you need to do is understand what a configuration item is.
  6. Even though you access the hub console from Oregon, you can move into any region as long as the migration tool supports it.