The AWS Config management tool has taken a step forward with general availability in four Amazon Web Services regions,...
but it still needs some tweaks, users said.
AWS Config was first revealed at re:Invent last November and has been in preview since. The tool provides a resource inventory and change history as well as configuration change notifications on the Amazon Web Services (AWS) infrastructure.
The preview was only available in the US-East region, as is customary for new AWS Services, but as of this week has become available in three more: US-West (Oregon), Europe (Ireland) and Asia-Pacific (Sydney). It's priced at $0.003 per configuration item recorded; there are also underlying charges for the Simple Storage Service and Simple Notification Service that integrate with it.
One AWS user who took part in the preview of AWS Config said that while it's a useful tool, its interface is lacking.
"It does a great job tracking any and all changes to your AWS environment," said Craig Loop, director of networking for Realty Data Company, of Naperville, Ill., which sells property information to mortgage bankers. "The only issue I had with it was the console was very basic and the emails were more verbose and cryptic than an email should be to notify of changes."
He's not using the service in production, but once those things change, Loop said he'd consider turning the service back on. The console either requires users to know what they're looking for by searching on a resource ID, a unique identifier used by Config to track resources, or to browse by device name tags. Some further browse-ability of resources according to attributes such as size and location would also be key, Loop said.
AWS Config was supported with the Elastic Compute Cloud, Elastic Block Store, Virtual Private Cloud and CloudTrail in its preview stage. The remainder of the AWS product catalog was not yet supported, though integration with the Elastic Load Balancer, Relational Database Service and Auto-Scaling Groups was supposed to be next on the docket. These latter services are still not yet integrated into the tool; AWS Config information also can't be fed as yet into CloudFormation to generate deployment templates.
Currently, AWS Config is integrated with CloudTrail, an auditing service which keeps track of API calls, so that any changes to AWS Config's data gathering can be recorded in CloudTrail, according to the AWS blog.
AWS Config is also an all-or-nothing service today; it can't be set to monitor a subset of resources yet. Partners such as ServiceNow and 2nd Watch are working to integrate the raw materials of AWS Config into change management databases and other infrastructure monitoring tools that may allow for this.
AWS officials declined to comment as to when AWS Config will further integrate with other AWS Services or feature a brushed-up interface.