Lab Details

1. This lab walks you through the steps to set up a recording configuration setting for AWS Config and Detect the unprotected Security groups present in the account.

2. You will practice using Amazon Config rules to check whether security groups are having a target for SSH as open to the world or not, It's open then AWS Config will flag them as a non-compliant resource. 

3. Duration: 60 minutes

4. AWS Region: US East (N. Virginia) us-east-1

Introduction

What is Config

• AWS Config comes under the Management & Governance category in the list of present categories and services.

• Config takes care of an audit, evaluation, and assessment of AWS Resources in your account.

• It is labeled as "Record and evaluates configurations of your AWS resources", according to AWS.

• AWS Config does the following:

  • It retrieves current and historical configurations of the account.

  • Evaluated the configuration of your AWS resource for the desired setting and send you the notification whenever a resource is created, modified, or deleted. 

  • It also shows the relationships between AWS resources.

Architecture Diagram

Task Details

1. Launching Lab Environment

2. Setup Config with 1 Click option

3. Create a Config Rule

4. Create first Security Group

5. Create second Security Group

6. Test the compliance status of the Security groups

7. Validation of the lab

8. Deleting AWS Resources