AWS Config announces the launch of an additional 75 managed Config rules for various use cases such as security, durability, and operations. You can now search, discover, enable and manage these additional rules directly from AWS Config and govern more use cases for your AWS environment.
With this launch, you can now enable these controls across your account or across your organization. For example, you can assess your security posture across AWS Amplify, Amazon SageMaker, Amazon Route 53, and more. Additionally, you can leverage Conformance Packs to group these new controls and deploy across an account or across organization, streamlining your multi-account governance.
For the full list of recently released rules, visit the AWS Config developer guide . For description of each rule and the AWS Regions in which it is available, please refer our Config managed rules documentation . To start using Config rules, please refer our documentation .
New Rules Launched:
- ACM_CERTIFICATE_TRANSPARENT_LOGGING_ENABLED
- AMPLIFY_APP_BUILD_SPEC_CONFIGURED
- AMPLIFY_APP_PLATFORM_CHECK
- AMPLIFY_BRANCH_AUTO_BUILD_ENABLED
- AMPLIFY_BRANCH_BUILD_SPEC_CONFIGURED
- AMPLIFY_BRANCH_FRAMEWORK_CONFIGURED
- AMPLIFY_BRANCH_PULL_REQUEST_PREVIEW_ENABLED
- APIGATEWAY_DOMAIN_NAME_TLS_CHECK
- APIGATEWAYV2_INTEGRATION_PRIVATE_HTTPS_ENABLED
- APPINTEGRATIONS_APPLICATION_APPROVED_ORIGINS_CHECK
- APPINTEGRATIONS_APPLICATION_TAGGED
- APPMESH_MESH_IP_PREF_CHECK
- APPMESH_VIRTUAL_GATEWAY_LISTENERS_HEALTH_CHECK_ENABLED
- APPMESH_VIRTUAL_NODE_LISTENERS_HEALTH_CHECK_ENABLED
- APPMESH_VIRTUAL_NODE_LISTENERS_OUTLIER_DETECT_ENABLED
- APPMESH_VIRTUAL_NODE_SERVICE_BACKENDS_TLS_ENFORCED
- CLOUDTRAIL_EVENT_DATA_STORE_MULTI_REGION
- CLOUDWATCH_ALARM_DESCRIPTION
- CODEARTIFACT_REPOSITORY_TAGGED
- CODEBUILD_PROJECT_TAGGED
- EC2_IPAMSCOPE_TAGGED
- EC2_LAUNCHTEMPLATE_EBS_ENCRYPTED
- ECS_SERVICE_PROPAGATE_TAGS_ENABLED
- ELBV2_TARGETGROUP_HEALTHCHECK_PROTOCOL_ENCRYPTED
- ELBV2_TARGETGROUP_PROTOCOL_ENCRYPTED
- EVENTSCHEMAS_DISCOVERER_TAGGED
- EVENTSCHEMAS_REGISTRY_TAGGED
- GROUNDSTATION_CONFIG_TAGGED
- GROUNDSTATION_DATAFLOWENDPOINTGROUP_TAGGED
- GROUNDSTATION_MISSIONPROFILE_TAGGED
- HEALTHLAKE_FHIRDATASTORE_TAGGED
- IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK
- IAM_POLICY_DESCRIPTION
- IMAGEBUILDER_DISTRIBUTIONCONFIGURATION_TAGGED
- IMAGEBUILDER_IMAGEPIPELINE_TAGGED
- IMAGEBUILDER_IMAGERECIPE_EBS_VOLUMES_ENCRYPTED
- IMAGEBUILDER_IMAGERECIPE_TAGGED
- IMAGEBUILDER_INFRASTRUCTURECONFIGURATION_TAGGED
- KINESISVIDEO_SIGNALINGCHANNEL_TAGGED
- KINESISVIDEO_STREAM_TAGGED
- LAMBDA_FUNCTION_APPLICATION_LOG_LEVEL_CHECK
- LAMBDA_FUNCTION_LOG_FORMAT_JSON
- LAMBDA_FUNCTION_SYSTEM_LOG_LEVEL_CHECK
- LIGHTSAIL_BUCKET_OBJECT_VERSIONING_ENABLED
- MEDIAPACKAGE_PACKAGINGCONFIGURATION_TAGGED
- MEDIATAILOR_PLAYBACKCONFIGURATION_TAGGED
- MEMORYDB_SUBNETGROUP_TAGGED
- NEPTUNE_CLUSTER_SNAPSHOT_IAM_DATABASE_AUTH_ENABLED
- OPENSEARCHSERVERLESS_COLLECTION_DESCRIPTION
- OPENSEARCHSERVERLESS_COLLECTION_STANDBYREPLICAS_ENABLED
- PANORAMA_PACKAGE_TAGGED
- RDS_CLUSTER_BACKUP_RETENTION_CHECK
- RDS_GLOBAL_CLUSTER_AURORA_MYSQL_SUPPORTED_VERSION
- RESILIENCEHUB_APP_TAGGED
- RESILIENCEHUB_RESILIENCYPOLICY_TAGGED
- ROUTE53_RECOVERY_CONTROL_CLUSTER_TAGGED
- ROUTE53_RECOVERY_READINESS_CELL_TAGGED
- ROUTE53_RECOVERY_READINESS_READINESS_CHECK_TAGGED
- ROUTE53_RECOVERY_READINESS_RECOVERY_GROUP_TAGGED
- ROUTE53_RECOVERY_READINESS_RESOURCE_SET_TAGGED
- ROUTE53_RESOLVER_RESOLVER_ENDPOINT_TAGGED
- S3_DIRECTORY_BUCKET_LIFECYCLE_POLICY_RULE_CHECK
- SAGEMAKER_DATA_QUALITY_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_DATA_QUALITY_JOB_ISOLATION
- SAGEMAKER_FEATUREGROUP_DESCRIPTION
- SAGEMAKER_INFERENCEEXPERIMENT_TAGGED
- SAGEMAKER_MODEL_BIAS_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_MODEL_BIAS_JOB_ISOLATION
- SAGEMAKER_MODEL_EXPLAINABILITY_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_MODEL_QUALITY_JOB_ENCRYPT_TRANSIT
- SAGEMAKER_MONITORING_SCHEDULE_ISOLATION
- SIGNER_SIGNINGPROFILE_TAGGED
- TRANSFER_CONNECTOR_AS2_ENCRYPTION_ALGORITHM_CHECK
- TRANSFER_CONNECTOR_AS2_MDN_SIGNING_ALGORITHM_CHECK
- TRANSFER_CONNECTOR_AS2_SIGNING_ALGORITHM_CHECK