Questions tagged [aws-config]
AWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.
128 questions
0 votes, 0 answers, 11 views
AWS Config Custom Rule to detect IAM MFA is not being triggered
I'm creating a custom Lambda AWS Config rule to detect when a user does not have MFA activated.
I'm setting up the rule trigger type to happen when configuration changes, within the scope of the "...
0 votes, 1 answer, 21 views
I don't get a notification for compliance change status from aws config
I have tried to code via CDK an email notification if compliance status of managed rule "maxAccessKeyAge" is non_compliant. I have followed this guide: https://repost.aws/knowledge-center/...
0 votes, 0 answers, 17 views
Custom conformance pack error for AWS Config
I am creating this custom conformance pack for my client to adhere to local regulatory requirements, but when I'm deploying the conformance pack I got an error saying Template passed in the input ...
0 votes, 0 answers, 36 views
I want to save the snapshot settings of all the resources on AWS for change management and enable rollback of resource configuration to desired state
I want to save the snapshot settings of all the resources on AWS for change management and enable rollback of resource configuration to desired state
This is required for the audit purpose on our AWS ...
0 votes, 0 answers, 29 views
Are there other Remediation options for AWS Config?
Are there ways to add more Automatic remediations, which are just ssm documents, in aws config? I am referring to remediation for aws config rules. I need to delete certain security groups, I need to ...
0 votes, 1 answer, 95 views
Custom AWS Config rule with Guard policy for checking User access key
I have read this article that shows how to write a custom AWS Config rule with Guard policy:
https://aws.amazon.com/blogs/mt/announcing-aws-config-custom-rules-using-guard-custom-policy/
I want to ...
1 vote, 1 answer, 142 views
Amazon ECS task definitions should have secure networking modes and user definitions
ECS.1 Amazon ECS task definitions should have secure networking modes and user definitions.
Given that AWS Batch necessitates the network mode to be 'host' for task definitions, how can we ensure ...
0 votes, 0 answers, 75 views
How to track changes to AWS WAF Web ACL using AWS Config?
As stated in this page, we can track changes to AWS WAF Web ACL using AWS Config. I created a WAF Web ACL and associated it with an API Gateway Rest API. How to track changes (create/update/delete) to ...
-1 votes, 1 answer, 30 views
refereshToken is empty aws-amplify javascript
I use aws-amplify as shown below,
Amplify.configure({
  Auth: {
    region: config.aws.region,
    identityPoolRegion: config.aws.region,
    userPoolId: process.env.userPoolId,
    ...
0 votes, 0 answers, 32 views
Aws config for Api security monitoring
I'm trying to solve an API compliance problem. There are many externally facing APIs in our organisation which are not following security standards. I want an automation to audit them and mark them ...
1 vote, 1 answer, 386 views
AWSServiceRoleForConfig Unauthorized
I have a new AWS organization setup with Control Tower and a few accounts. Recently enabled the CIS 1.4 benchmark CloudWatch Metric Alarms and have been noticing a few times a day I am getting alerts ...
0 votes, 1 answer, 269 views
AWS Config recorder stuck at "Taking inventory..." status
Today, when I went to AWS Console -> AWS Config -> Settings, and turned off the recorder then turned it back on.
Then the settings page got stuck at "Taking inventory..." status for ...
2 votes, 0 answers, 126 views
AWS Config rule iam-policy-in-use remains non-compliant despite adding policies
I'm facing an issue with the AWS Config rule iam-policy-in-use. According to the official documentation, this rule checks whether only the IAM policies that are used to access a resource are attached ...
0 votes, 0 answers, 50 views
Using two or more regions from a single profile in one AWS Account
I face a recent problem these days with my AWS structure.
I have two accounts in AWS. One is the test environment and the other is production.
In most cases I use the AWS CLI to perform actions I ...
0 votes, 1 answer, 175 views
How to generate monthly report for EC2 server uptime
In CloudWatch, I've set up an alarm for when an instance check fails. I want to generate a report of all EC2 instances' server uptime whenever a reboot, stop and start happen. Do I need to create a log group ...