This lab walks you through the steps to set up a recording configuration setting for AWS Config and Detect the unprotected Security groups present in the account.
You will practice using Amazon Config rules to check whether security groups are having a target for SSH as open to the world or not, It's open then AWS Config will flag them as a non-compliant resource.
Duration: 60 minutes
AWS Region: US East (N. Virginia) us-east-1
AWS Config comes under the Management & Governance category in the list of present categories and services.
Config takes care of an audit, evaluation, and assessment of AWS Resources in your account.
It is labeled as "Record and evaluates configurations of your AWS resources", according to AWS.
AWS Config does the following:
It retrieves current and historical configurations of the account.
Evaluated the configuration of your AWS resource for the desired setting and send you the notification whenever a resource is created, modified, or deleted.
It also shows the relationships between AWS resources.
Launching Lab Environment
Setup Config with 1 Click option
Create a Config Rule
Create first Security Group
Create second Security Group
Test the compliance status of the Security groups
Validation of the lab