AWS Config - ideal for AWS workloads
Rating: 7 out of 10
IncentivizedUse Cases and Deployment Scope
AWS Config allows us to monitor our configuration of AWS resources, whether that be configuration history so we can view any changes which might have caused an issue; or if we want to be able to replicate workloads in a previous configuration.
This also allows us to save all our configurations within an S3 bucket.
We get alerts on some workloads via SNS when applicable.
This also allows us to save all our configurations within an S3 bucket.
We get alerts on some workloads via SNS when applicable.
Pros
- We are able to use AWS config to track changes within our environments.
- We use AWS Config across multiple accounts (environment segregation) whilst maintaining a central (fully backed up because stores in S3 managed repository.
Cons
- Vendor lock-in, no easy migration path for example if you want to move some workloads to Azure, you'd not be able to lift and shift.
- Only at an AWS resource perspective - cannot do desired state configuration at an OS level (which makes sense but be good if you could even as a separate feature within AWS Config).
Likelihood to Recommend
Ideal for compliance monitoring - so providing easy visibility on what volumes aren't encrypted, S3 buckets requests only come from HTTPS sites, RDS is encrypted at rest by default.
There are lots of useful scenarios whereby we use this. Other examples [of how] we use AWS Config include Redshift cluster configuration check, cloud trial is enabled.
There are lots of useful scenarios whereby we use this. Other examples [of how] we use AWS Config include Redshift cluster configuration check, cloud trial is enabled.
Vetted Review
2 years of experience