6.1
Review and ensure that you have setup your development environment before going through the steps below.
"AWS Config provides AWS managed rules, which are predefined, customizable rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices. For example, you can define the rule's scope to constrain which resources trigger an evaluation for the rule, such as EC2 instances or volumes." Source
In this exercise, you will configure the settings for AWS Config which includes turning on the Config recorder along with a delivery channel. If you have already configured AWS Config, this section is optional. Here are the steps:
- Go to the AWS Config console.
- If it is your first time using Config, click the Get Started button.
- Select the Include global resources (e.g., AWS IAM resources) checkbox.
- In the Amazon SNS topic section, select the Stream configuration changes and notifications to an Amazon SNS topic checkbox.
- Choose the Create a topic radio button in the Amazon SNS topic section
- In the Amazon S3 bucket section, select the Create a bucket radio button
- In the AWS Config role section, select the Use an existing AWS Config service-linked role radio button
- Click the Next button
- Click the Skip button on the AWS Config rules page
- Click the Confirm button on the Review page
- Launch the AWS Config Console
- Click Rules
- Click Add rule
- Type encrypted
- Select encrypted-volumes
- Click Save
- Go to the AWS Config Dashboard and refresh the results
