CloudAcademy

Compliance Check Using AWS Config Rules (Managed & Custom)

The hands-on lab is part of these learning paths

Security - Specialty Certification Preparation for AWS

course-steps 21 certification 1 lab-steps 11

GDPR: Using AWS Compliance Enabling Services

course-steps 7 certification 1 lab-steps 2

AWS Security Services

course-steps 7 certification 1 lab-steps 3 quiz-steps 5

AWS Cloud Management Tools

course-steps 5 certification 1 lab-steps 5 quiz-steps 4

AWS Auditing & Monitoring

course-steps 4 certification 1 lab-steps 3 quiz-steps 2

AWS Governance & Compliance

course-steps 4 certification 1 lab-steps 2 quiz-steps 3

DevOps Engineer – Professional Certification Preparation for AWS

course-steps 16 certification 1 lab-steps 10 quiz-steps 2

Lab Steps

keyboard_tab
lock
Logging in to the Amazon Web Services Console
lock
Setting up the Configuration Recorder
lock
Working with AWS Config Managed Rules
lock
Analyzing and Remedying a Noncompliant Resource
lock
Working with AWS Config Custom Rules

Ready for the real environment experience?

DifficultyIntermediate
Duration2h
Students189

Description

Lab Overview

AWS Config is a powerful tool in your security and governance toolkit. AWS Config can record and track changes to the configuration of many types of resources in AWS. Config Rules can be used to monitor compliance with your security and governance policies. You can leverage AWS Config managed rules to quickly get started with compliance checking of common policies. You are also able to write custom rules to cover whatever policy you care to enforce. In this lab, you will get hands-on experience with managed and custom AWS Config rules.

Lab Objectives

Upon completion of this lab you will be able to:

  • Configure the configuration recorder to AWS resources
  • Track and audit security changes using AWS Config
  • Explore the integration between AWS Config and CloudTrail
  • Use managed and custom rules to check compliance
  • Analyze and correct non-compliant resources

Lab Prerequisites

You should be familiar with the following:

  • EC2 Security Groups basics
  • CloudTrail and AWS Lambda basics will be helpful but not required

Lab Environment

Before completing the lab instructions the environment will look as follows:

After completing the lab instructions the environment should look similar to:

 

About the Author

Students6161
Labs57
Courses3
Learning paths2

Logan has been involved in software development and research for over eleven years, including six years in the cloud. He is an AWS Certified DevOps Engineer - Professional, MCSE: Cloud Platform and Infrastructure, and Certified Kubernetes Administrator (CKA). He earned his Ph.D. studying design automation and enjoys all things tech.