AWS Config launches 75 new managed rules

AWS Config announces the launch of an additional 75 managed Config rules for various use cases such as security, durability, and operations. You can now search, discover, enable and manage these additional rules directly from AWS Config and govern more use cases for your AWS environment.

With this launch, you can now enable these controls across your account or across your organization. For example, you can assess your security posture across AWS Amplify, Amazon SageMaker, Amazon Route 53, and more. Additionally, you can leverage Conformance Packs to group these new controls and deploy across an account or across organization, streamlining your multi-account governance.

For the full list of recently released rules, visit the AWS Config developer guide. For description of each rule and the AWS Regions in which it is available, please refer our Config managed rules documentation. To start using Config rules, please refer our documentation.

New Rules Launched: ACM_CERTIFICATE_TRANSPARENT_LOGGING_ENABLED AMPLIFY_APP_BUILD_SPEC_CONFIGURED AMPLIFY_APP_PLATFORM_CHECK AMPLIFY_BRANCH_AUTO_BUILD_ENABLED AMPLIFY_BRANCH_BUILD_SPEC_CONFIGURED AMPLIFY_BRANCH_FRAMEWORK_CONFIGURED AMPLIFY_BRANCH_PULL_REQUEST_PREVIEW_ENABLED APIGATEWAY_DOMAIN_NAME_TLS_CHECK APIGATEWAYV2_INTEGRATION_PRIVATE_HTTPS_ENABLED APPINTEGRATIONS_APPLICATION_APPROVED_ORIGINS_CHECK APPINTEGRATIONS_APPLICATION_TAGGED APPMESH_MESH_IP_PREF_CHECK APPMESH_VIRTUAL_GATEWAY_LISTENERS_HEALTH_CHECK_ENABLED APPMESH_VIRTUAL_NODE_LISTENERS_HEALTH_CHECK_ENABLED APPMESH_VIRTUAL_NODE_LISTENERS_OUTLIER_DETECT_ENABLED APPMESH_VIRTUAL_NODE_SERVICE_BACKENDS_TLS_ENFORCED CLOUDTRAIL_EVENT_DATA_STORE_MULTI_REGION CLOUDWATCH_ALARM_DESCRIPTION CODEARTIFACT_REPOSITORY_TAGGED CODEBUILD_PROJECT_TAGGED EC2_IPAMSCOPE_TAGGED EC2_LAUNCHTEMPLATE_EBS_ENCRYPTED ECS_SERVICE_PROPAGATE_TAGS_ENABLED ELBV2_TARGETGROUP_HEALTHCHECK_PROTOCOL_ENCRYPTED ELBV2_TARGETGROUP_PROTOCOL_ENCRYPTED EVENTSCHEMAS_DISCOVERER_TAGGED EVENTSCHEMAS_REGISTRY_TAGGED GROUNDSTATION_CONFIG_TAGGED GROUNDSTATION_DATAFLOWENDPOINTGROUP_TAGGED GROUNDSTATION_MISSIONPROFILE_TAGGED HEALTHLAKE_FHIRDATASTORE_TAGGED IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK IAM_POLICY_DESCRIPTION IMAGEBUILDER_DISTRIBUTIONCONFIGURATION_TAGGED IMAGEBUILDER_IMAGEPIPELINE_TAGGED IMAGEBUILDER_IMAGERECIPE_EBS_VOLUMES_ENCRYPTED IMAGEBUILDER_IMAGERECIPE_TAGGED IMAGEBUILDER_INFRASTRUCTURECONFIGURATION_TAGGED KINESISVIDEO_SIGNALINGCHANNEL_TAGGED KINESISVIDEO_STREAM_TAGGED LAMBDA_FUNCTION_APPLICATION_LOG_LEVEL_CHECK LAMBDA_FUNCTION_LOG_FORMAT_JSON LAMBDA_FUNCTION_SYSTEM_LOG_LEVEL_CHECK LIGHTSAIL_BUCKET_OBJECT_VERSIONING_ENABLED MEDIAPACKAGE_PACKAGINGCONFIGURATION_TAGGED MEDIATAILOR_PLAYBACKCONFIGURATION_TAGGED MEMORYDB_SUBNETGROUP_TAGGED NEPTUNE_CLUSTER_SNAPSHOT_IAM_DATABASE_AUTH_ENABLED OPENSEARCHSERVERLESS_COLLECTION_DESCRIPTION OPENSEARCHSERVERLESS_COLLECTION_STANDBYREPLICAS_ENABLED PANORAMA_PACKAGE_TAGGED RDS_CLUSTER_BACKUP_RETENTION_CHECK RDS_GLOBAL_CLUSTER_AURORA_MYSQL_SUPPORTED_VERSION RESILIENCEHUB_APP_TAGGED RESILIENCEHUB_RESILIENCYPOLICY_TAGGED ROUTE53_RECOVERY_CONTROL_CLUSTER_TAGGED ROUTE53_RECOVERY_READINESS_CELL_TAGGED ROUTE53_RECOVERY_READINESS_READINESS_CHECK_TAGGED ROUTE53_RECOVERY_READINESS_RECOVERY_GROUP_TAGGED ROUTE53_RECOVERY_READINESS_RESOURCE_SET_TAGGED ROUTE53_RESOLVER_RESOLVER_ENDPOINT_TAGGED S3_DIRECTORY_BUCKET_LIFECYCLE_POLICY_RULE_CHECK SAGEMAKER_DATA_QUALITY_JOB_ENCRYPT_IN_TRANSIT SAGEMAKER_DATA_QUALITY_JOB_ISOLATION SAGEMAKER_FEATUREGROUP_DESCRIPTION SAGEMAKER_INFERENCEEXPERIMENT_TAGGED SAGEMAKER_MODEL_BIAS_JOB_ENCRYPT_IN_TRANSIT SAGEMAKER_MODEL_BIAS_JOB_ISOLATION SAGEMAKER_MODEL_EXPLAINABILITY_JOB_ENCRYPT_IN_TRANSIT SAGEMAKER_MODEL_QUALITY_JOB_ENCRYPT_TRANSIT SAGEMAKER_MONITORING_SCHEDULE_ISOLATION SIGNER_SIGNINGPROFILE_TAGGED TRANSFER_CONNECTOR_AS2_ENCRYPTION_ALGORITHM_CHECK TRANSFER_CONNECTOR_AS2_MDN_SIGNING_ALGORITHM_CHECK TRANSFER_CONNECTOR_AS2_SIGNING_ALGORITHM_CHECK