Q
Get started Bring yourself up to speed with our introductory content.

Use AWS Config service to track app changes

When our IT teams change a cloud configuration, a lot of application data and dependencies change too. How does AWS compile this data for customers?

A configuration item is a collection of data that represents the point-in-time state of an AWS resource in an account....

It's a combination of elements, such as metadata, that identifies the resource, attributes of the resource, its relationships with other resources in the AWS account, the current state of the resource and related AWS CloudTrail events.

When an admin starts the AWS Config service, AWS creates configuration items for every resource in an account. Those items are updated any time there is a change to corresponding resources. For example, AWS creates a configuration item when a new Simple Storage Service (S3) bucket is created, and it creates a subsequent configuration item when an end user updates or deletes that S3 bucket. The optional configuration recorder feature retains old configuration items in a historical file, so admins can evaluate resource configuration changes over time.

Administrators can record configuration changes only for critically important or relevant resources, which is easier and more economical than recording all resources by default. AWS supports configuration items for most resources, including Elastic Compute Cloud (EC2), S3, Elastic Block Store, Elastic Load Balancing, Redshift, CloudTrail, Relational Database Service, Virtual Private Cloud and Identity and Access Management.

AWS cloud management tool another home run for vendor

While AWS Config helps administrators manage cloud configuration, they must still use tools to monitor application and resource performance. So where does AWS need to improve? Listen to this podcast featuring David Linthicum, senior vice president of Cloud Technology Partners, to find out more.

In addition, the AWS Config service records hybrid cloud software changes that occur across EC2 instances and on-premises servers. For example, if a user installs an operating system update on an EC2 instance, the AWS Config service records the new configuration item. An admin can then review configuration history to determine when updates appeared and which updates were installed.

The AWS Config service factors in relationships between resources, which is reflected in configuration item data. When a change occurs to one resource, the configuration item for that resource also changes, as does the configuration item for related resources. If, for example, a new security group connects to an existing EC2 instance, configuration items for the security group and the EC2 instance both update to reflect the change.

Next Steps

Use AWS Config to audit resources

Learn how AWS configuration management tools work

Make the right choice with AWS monitoring tools

This was last published in April 2017

Dig Deeper on AWS compliance, governance, privacy and regulations

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Which AWS resources do you monitor for configuration changes?
Cancel

-ADS BY GOOGLE

SearchCloudApplications

TheServerSide.com

SearchSoftwareQuality

SearchCloudComputing

Close