Amazon Web Services offers AWS Config, a service that provides monitoring and assessment of AWS resource configurations to support compliance auditing, change management and troubleshooting, with resource histories and comparison of historical configurations against planned configurations.
N/A
Ansible
Score 9.2 out of 10
N/A
The Red Hat Ansible Automation Platform (acquired by Red Hat in 2015) is a foundation for building and operating automation across an organization. The platform includes tools needed to implement enterprise-wide automation, and can automate resource provisioning, and IT environments and configuration of systems and devices. It can be used in a CI/CD process to provision the target environment and to then deploy the application on it.
$5,000
per year
Pricing
AWS Config
Red Hat Ansible Automation Platform
Editions & Modules
No answers on this topic
Basic Tower
5,000
per year
Enterprise Tower
10,000
per year
Premium Tower
14,000
per year
Offerings
Pricing Offerings
AWS Config
Ansible
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
With AWS Config, you are charged based on the number of configuration items recorded, the number of active AWS Config rule evaluations and the number of conformance pack evaluations in your account. A configuration item is a record of the configuration state of a resource in your AWS account. An AWS Config rule evaluation is a compliance state evaluation of a resource by an AWS Config rule in your AWS account, and a conformance pack evaluation is the evaluation of a resource by an AWS Config rule within the conformance pack.
—
More Pricing Information
Community Pulse
AWS Config
Red Hat Ansible Automation Platform
Features
AWS Config
Red Hat Ansible Automation Platform
Configuration Management
Comparison of Configuration Management features of Product A and Product B
To keep track of changes and to answer many compliance issues this is a life-saver. AWS does a good job providing tools like this. Any AWS workload should be monitored with AWS Config. It even is great for troubleshooting and seeing who changed what at what time.
I'm going to say it is best suited for configuration management. Like I said, patching even with security, things of that nature. Probably less suited is hardware management, but Red Hat IBM/IBM has Terraform for that. So it's a trade off.
Debugging is easy, as it tells you exactly within your job where the job failed, even when jumping around several playbooks.
Ansible seems to integrate with everything, and the community is big enough that if you are unsure how to approach converting a process into a playbook, you can usually find something similar to what you are trying to do.
Security in AAP seems to be pretty straightforward. Easy to organize and identify who has what permissions or can only see the content based on the organization they belong to.
Vendor lock-in, no easy migration path for example if you want to move some workloads to Azure, you'd not be able to lift and shift.
Only at an AWS resource perspective - cannot do desired state configuration at an OS level (which makes sense but be good if you could even as a separate feature within AWS Config).
Even is if it's a great tool, we are looking to renew our licence for our production servers only. The product is very expensive to use, so we might look for a cheaper solution for our non-production servers. One of the solution we are looking, is AWX, free, and similar to AAP. This is be perfect for our non-production servers.
Overall it's good but the new architecture can be complex. Improvements can be made in the Config as Code capabilities for managing Red Hat Ansible Automation Platform. Sometimes it can be difficult for those unfamiliar to understand the relationship between Projects/Credentials/Job Templates, etc.
The performance has never been an issue for us, the dashboard gives us real-time monitoring and the alert sends us the notification within less than a minute of it happening, this applies to all of the monitored resources on AWS. However we can't (or probably haven't figured out how to) integrate with any other third party services, so we can't really evaluate how it integrates with other services
Great in almost every way compared to any other configuration management software. The only thing I wish for is python3 support. Other than that, YAML is much improved compared to the Ruby of Chef. The agentless nature is incredibly convenient for managing systems quickly, and if a member of your term has no terminal experience whatsoever they can still use the UI.
There is a lot of good documentation that Ansible and Red Hat provide which should help get someone started with making Ansible useful. But once you get to more complicated scenarios, you will benefit from learning from others. I have not used Red Hat support for work with Ansible, but many of the online resources are helpful.
Despite the comparison it is not really apples to apples, the main purpose of the service is quite similar which is to monitor your application or services. In terms of AWS services, AWS Config provides more options to monitor and log your service on the infrastructure level which is very useful on that level and overall will give you more information about what is currently happening. Meanwhile PaperTrail is more suited to monitor and log your service and could only give you information on the application level.
As I said earlier, Red Hat Ansible remains a top choice because it is a perfect combination of multiple capabilities. Terraform is good in IAC but not in config automation. Puppet is well-suited for developers, but not for system administrators and infrastructure integrators. OpenShift and Kubernetes are generic automators only.
We are still early in our implementation and don't have much yet - but I can say that it has already improved the time it takes to deploy a new virtual server for us, as well as making them more consistent.
In working through what jobs are required, it has really improved the communication between our different teams
