AWS Config는 보안, 내구성, 운영 등 다양한 사용 사례를 위한 75개의 추가 관리형 Config 규칙을 출시한다고 발표했습니다. 이제 AWS Config에서 직접 이 추가 규칙을 검색, 탐색, 활성화 및 관리하여 AWS 환경의 더 많은 사용 사례를 제어할 수 있습니다.
이번 출시를 통해 이제 이러한 제어를 계정 또는 조직 전체에 걸쳐 활성화할 수 있습니다. 예를 들어, AWS Amplify, Amazon SageMaker, Amazon Route 53 등에서 보안 상태를 평가할 수 있습니다. 또한 컨포먼스 팩을 활용하여 이러한 새로운 제어를 그룹화하고 계정 또는 조직 전체에 배포함으로써 다중 계정 거버넌스를 간소화할 수 있습니다.
최근 출시된 규칙의 전체 목록은 AWS Config 개발자 가이드를 참조하십시오. 각 규칙에 대한 설명과 사용 가능한 AWS 리전은 Config 관리형 규칙 설명서를 참조하십시오. Config 규칙 사용을 시작하려면 설명서를 참조하십시오.
새로 출시된 규칙:
- ACM_CERTIFICATE_TRANSPARENT_LOGGING_ENABLED
- AMPLIFY_APP_BUILD_SPEC_CONFIGURED
- AMPLIFY_APP_PLATFORM_CHECK
- AMPLIFY_BRANCH_AUTO_BUILD_ENABLED
- AMPLIFY_BRANCH_BUILD_SPEC_CONFIGURED
- AMPLIFY_BRANCH_FRAMEWORK_CONFIGURED
- AMPLIFY_BRANCH_PULL_REQUEST_PREVIEW_ENABLED
- APIGATEWAY_DOMAIN_NAME_TLS_CHECK
- APIGATEWAYV2_INTEGRATION_PRIVATE_HTTPS_ENABLED
- APPINTEGRATIONS_APPLICATION_APPROVED_ORIGINS_CHECK
- APPINTEGRATIONS_APPLICATION_TAGGED
- APPMESH_MESH_IP_PREF_CHECK
- APPMESH_VIRTUAL_GATEWAY_LISTENERS_HEALTH_CHECK_ENABLED
- APPMESH_VIRTUAL_NODE_LISTENERS_HEALTH_CHECK_ENABLED
- APPMESH_VIRTUAL_NODE_LISTENERS_OUTLIER_DETECT_ENABLED
- APPMESH_VIRTUAL_NODE_SERVICE_BACKENDS_TLS_ENFORCED
- CLOUDTRAIL_EVENT_DATA_STORE_MULTI_REGION
- CLOUDWATCH_ALARM_DESCRIPTION
- CODEARTIFACT_REPOSITORY_TAGGED
- CODEBUILD_PROJECT_TAGGED
- EC2_IPAMSCOPE_TAGGED
- EC2_LAUNCHTEMPLATE_EBS_ENCRYPTED
- ECS_SERVICE_PROPAGATE_TAGS_ENABLED
- ELBV2_TARGETGROUP_HEALTHCHECK_PROTOCOL_ENCRYPTED
- ELBV2_TARGETGROUP_PROTOCOL_ENCRYPTED
- EVENTSCHEMAS_DISCOVERER_TAGGED
- EVENTSCHEMAS_REGISTRY_TAGGED
- GROUNDSTATION_CONFIG_TAGGED
- GROUNDSTATION_DATAFLOWENDPOINTGROUP_TAGGED
- GROUNDSTATION_MISSIONPROFILE_TAGGED
- HEALTHLAKE_FHIRDATASTORE_TAGGED
- IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK
- IAM_POLICY_DESCRIPTION
- IMAGEBUILDER_DISTRIBUTIONCONFIGURATION_TAGGED
- IMAGEBUILDER_IMAGEPIPELINE_TAGGED
- IMAGEBUILDER_IMAGERECIPE_EBS_VOLUMES_ENCRYPTED
- IMAGEBUILDER_IMAGERECIPE_TAGGED
- IMAGEBUILDER_INFRASTRUCTURECONFIGURATION_TAGGED
- KINESISVIDEO_SIGNALINGCHANNEL_TAGGED
- KINESISVIDEO_STREAM_TAGGED
- LAMBDA_FUNCTION_APPLICATION_LOG_LEVEL_CHECK
- LAMBDA_FUNCTION_LOG_FORMAT_JSON
- LAMBDA_FUNCTION_SYSTEM_LOG_LEVEL_CHECK
- LIGHTSAIL_BUCKET_OBJECT_VERSIONING_ENABLED
- MEDIAPACKAGE_PACKAGINGCONFIGURATION_TAGGED
- MEDIATAILOR_PLAYBACKCONFIGURATION_TAGGED
- MEMORYDB_SUBNETGROUP_TAGGED
- NEPTUNE_CLUSTER_SNAPSHOT_IAM_DATABASE_AUTH_ENABLED
- OPENSEARCHSERVERLESS_COLLECTION_DESCRIPTION
- OPENSEARCHSERVERLESS_COLLECTION_STANDBYREPLICAS_ENABLED
- PANORAMA_PACKAGE_TAGGED
- RDS_CLUSTER_BACKUP_RETENTION_CHECK
- RDS_GLOBAL_CLUSTER_AURORA_MYSQL_SUPPORTED_VERSION
- RESILIENCEHUB_APP_TAGGED
- RESILIENCEHUB_RESILIENCYPOLICY_TAGGED
- ROUTE53_RECOVERY_CONTROL_CLUSTER_TAGGED
- ROUTE53_RECOVERY_READINESS_CELL_TAGGED
- ROUTE53_RECOVERY_READINESS_READINESS_CHECK_TAGGED
- ROUTE53_RECOVERY_READINESS_RECOVERY_GROUP_TAGGED
- ROUTE53_RECOVERY_READINESS_RESOURCE_SET_TAGGED
- ROUTE53_RESOLVER_RESOLVER_ENDPOINT_TAGGED
- S3_DIRECTORY_BUCKET_LIFECYCLE_POLICY_RULE_CHECK
- SAGEMAKER_DATA_QUALITY_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_DATA_QUALITY_JOB_ISOLATION
- SAGEMAKER_FEATUREGROUP_DESCRIPTION
- SAGEMAKER_INFERENCEEXPERIMENT_TAGGED
- SAGEMAKER_MODEL_BIAS_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_MODEL_BIAS_JOB_ISOLATION
- SAGEMAKER_MODEL_EXPLAINABILITY_JOB_ENCRYPT_IN_TRANSIT
- SAGEMAKER_MODEL_QUALITY_JOB_ENCRYPT_TRANSIT
- SAGEMAKER_MONITORING_SCHEDULE_ISOLATION
- SIGNER_SIGNINGPROFILE_TAGGED
- TRANSFER_CONNECTOR_AS2_ENCRYPTION_ALGORITHM_CHECK
- TRANSFER_CONNECTOR_AS2_MDN_SIGNING_ALGORITHM_CHECK
- TRANSFER_CONNECTOR_AS2_SIGNING_ALGORITHM_CHECK