December 5, 2020

AWS Config for compliance

Stream Team

TL;DR

AWS Config is a service that delivers an all-encompassing perspective on your AWS resource inventory, configuration history, and change alerts, facilitating security and governance. With this service, you can evaluate, audit, and examine the configurations of your AWS resources. AWS Config enables continuous monitoring of resource configuration modifications, providing notifications when alterations occur, which helps ensure adherence to internal protocols and regulatory requirements. The service also offers a detailed history of changes made to your resources, allowing you to identify the origin of a modification and comprehend its impact on your environment. AWS Config supports a variety of resource types, such as EC2 instances, RDS databases, Lambda functions, and more. Additionally, it integrates with other AWS offerings like Amazon S3, Amazon CloudWatch, and Amazon SNS, delivering a centralized overview of your AWS landscape.

The expenses associated with using Config are contingent on the quantity and kind of AWS resources being monitored, the number of configuration items documented, and the volume of data stored. Configuration recording charges depend on the number of configuration items logged and the number of configuration alterations documented. Data storage charges arise from the amount of data held within the AWS Config service.

Direct Costs include:

  • Per Configuration Item recorded in a region
  • For the first 100,000 evaluations in a region

To enable AWS Config, follow these steps:

  1. Sign in to the AWS Management Console: Go to https://aws.amazon.com/ and sign in with your AWS credentials.
  2. Open the AWS Config console: Once logged in, find the AWS Config service by typing "Config" in the "Find Services" search bar, then click on "AWS Config" from the search results.
  3. Set up AWS Config: In the AWS Config console, click the "Get started" button. You'll be taken to the "Settings" page.
  4. Configure settings:
       • Resource types to record: Choose "All resources" to record all supported resource types, or select "Specific types" to specify the resources you want to monitor.
       • Amazon S3 bucket: Choose an existing S3 bucket or create a new one to store your configuration history files and snapshot files.
       • Amazon SNS topic: Select an existing SNS topic or create a new one to receive notifications when your resources' configurations change.
       • AWS Config role: Choose an existing IAM role for AWS Config to use, or let the service create a new role (called "config-role") with the necessary permissions.
  5. Enable AWS Config: Review your settings, and click the "Confirm" button to enable AWS Config. The service will start monitoring and recording the configurations of the specified resources.
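Once the steps above are done, the settings can be checked from the JSON returned by `aws configservice describe-configuration-recorders`, `describe-delivery-channels` and `describe-configuration-recorder-status`. The following is an added example, not part of the original article: `audit_config` is a hypothetical helper, and the account ID, bucket and topic names in the sample responses are constructed.

```python
# Added example. Field names follow the AWS Config describe-* responses; sample values are constructed.
def audit_config(recorders, channels, statuses):
    """Return findings; an empty list means the setup matches the steps above."""
    findings = []
    recs = recorders.get("ConfigurationRecorders", [])
    chans = channels.get("DeliveryChannels", [])
    status = {s["name"]: s for s in statuses.get("ConfigurationRecordersStatus", [])}
    if not recs:
        findings.append("no configuration recorder: AWS Config is not enabled here")
    for rec in recs:
        name = rec.get("name", "?")
        group = rec.get("recordingGroup", {})
        if not group.get("allSupported"):  # "Specific types" was chosen
            n = len(group.get("resourceTypes", []))
            findings.append(f"{name}: records only {n} resource type(s)")
        if not rec.get("roleARN"):
            findings.append(f"{name}: no IAM role for AWS Config")
        st = status.get(name, {})
        if not st.get("recording"):
            findings.append(f"{name}: recorder is stopped")
        elif st.get("lastStatus") == "FAILURE":
            findings.append(f"{name}: last recording attempt failed")
    if not chans:
        findings.append("no delivery channel: nothing reaches S3 or SNS")
    for ch in chans:
        if not ch.get("s3BucketName"):
            findings.append(f"{ch.get('name', '?')}: no S3 bucket for history/snapshots")
        if not ch.get("snsTopicARN"):
            findings.append(f"{ch.get('name', '?')}: no SNS topic for change notifications")
    return findings

ACCOUNT = "111122223333"  # placeholder account ID
GOOD = (
    {"ConfigurationRecorders": [{"name": "default",
        "roleARN": f"arn:aws:iam::{ACCOUNT}:role/config-role",
        "recordingGroup": {"allSupported": True, "resourceTypes": []}}]},
    {"DeliveryChannels": [{"name": "default", "s3BucketName": "example-config-bucket",
        "snsTopicARN": f"arn:aws:sns:us-east-1:{ACCOUNT}:example-config-topic"}]},
    {"ConfigurationRecordersStatus": [{"name": "default", "recording": True, "lastStatus": "SUCCESS"}]},
)
WEAK = (  # specific types only, recorder stopped, no SNS topic
    {"ConfigurationRecorders": [{"name": "default",
        "roleARN": f"arn:aws:iam::{ACCOUNT}:role/config-role",
        "recordingGroup": {"allSupported": False, "resourceTypes": ["AWS::EC2::Instance"]}}]},
    {"DeliveryChannels": [{"name": "default", "s3BucketName": "example-config-bucket"}]},
    {"ConfigurationRecordersStatus": [{"name": "default", "recording": False}]},
)

if __name__ == "__main__":
    print(audit_config(*WEAK))
```

A recorder that exists but is stopped is the case worth watching for compliance purposes, because the console still shows AWS Config as set up while no new configuration items are recorded.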

About Stream Security

Stream.Security delivers the only cloud detection and response solution that SecOps teams can trust. Born in the cloud, Stream’s Cloud Twin solution enables real-time cloud threat and exposure modeling to accelerate response in today’s highly dynamic cloud enterprise environments. By using the Stream Security platform, SecOps teams gain unparalleled visibility and can pinpoint exposures and threats by understanding the past, present, and future of their cloud infrastructure. The AI-assisted platform helps to determine attack paths and blast radius across all elements of the cloud infrastructure to eliminate gaps and accelerate MTTR by streamlining investigations and reducing knowledge gaps, while maximizing team productivity and limiting burnout.
