Showing posts from September, 2019

AWS Config - custom rules for automating system administrator's work

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

What does this mean in practice? I'll tell you about my recent case. One of my clients uses the AWS Secrets Manager service to store OAuth keys and API tokens. There are a lot of keys and tokens (several hundred). Secrets rotation (update) is carried out using various AWS Lambda functions. It was difficult for the administrators to manually monitor whether everything in the system works correctly and if there are any keys that, for some reason, have not been updated for a given period of time. So I faced the task of creating 2 custom AWS Config rules: