Auditing Resource Compliance with AWS Config

1.75 hours
  • 4 Learning Objectives

About this Hands-on Lab

In this hands-on lab, we’ll implement AWS Config rules and use AWS Config for compliance auditing and remediation. We will configure compliance rules that evaluate the EC2 instance type, whether S3 Versioning is enabled, whether EC2 instances are in a VPC, and whether CloudTrail is enabled. These rules will give you firsthand knowledge of how the AWS Config service works. We will then explore the configuration management aspect of AWS Config.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Enable AWS Config
  1. Navigate to the AWS Config Console.
  2. Create an S3 bucket.
  3. Create AWS Config.
Configure Rules for Resources
  1. Select the cloudtrail-enabled card.
  2. Add the rules.
  3. Select the desired-instance-type card.
  4. Add the rules.
  5. Select the ec2-instances-in-vpc card.
  6. Add the rules.
  7. Select the s3-bucket-versioning-enabled card.
  8. Add the rules.
  9. Save configuration settings.
Configure the Non-Compliant Resources to Comply
  1. Open S3.
  2. Edit settings and save.
  3. Open CloudTrail and create a new trail named ConfigTrail.
  4. Create a new S3 bucket and give it a unique name.
Re-Evaluate the Non-Compliant Rules in AWS Config
  1. Re-evaluate the S3 bucket rules.
  2. Wait for the S3 rule to become compliant.
  3. Re-evaluate the CloudTrail rules.
  4. Wait for the CloudTrail rule to become compliant.

Additional Resources

Use the N. Virginia (us-east-1) Region throughout the lab.

Note: AWS Config may need to be toggled off and back on again if it does not report correctly after a reasonable length of time.

Note: You may see other resources detected by Config; you can safely disregard those extra resources. Config takes a long time to show correctly, especially in the us-east-1 Region. Often, stopping and starting AWS Config will speed up the results.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
