I honestly don't understand how AWS expects folks to take Config seriously when it's missing support for the majority of the AWS services portfolio.<p><a href="https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html" rel="nofollow">https://docs.aws.amazon.com/config/latest/developerguide/res...</a><p>It's incredibly frustrating too, because the Config recorder builds a nice graph of related objects for you (although it would be nice if they added ARN references rather than just IDs) and the Config rules 'marketplace' could be a nice place for vendors to ship a variety of regulatory and standards compliance kits.<p>We have hundreds of AWS accounts and all but ignore the service in favor of third party, open source and in-house built products with appropriate coverage.
What is the benefit of running this instead of using tools like Chef InSpec (<a href="https://github.com/inspec/inspec" rel="nofollow">https://github.com/inspec/inspec</a>) or Cloud Custodian (<a href="https://github.com/cloud-custodian/cloud-custodian" rel="nofollow">https://github.com/cloud-custodian/cloud-custodian</a>)?
This is welcome. I got a rude awakening the first time I turned config rules on when the bill came in, and it kept coming even after they were killed in the UI. I had racked up over $100 in a few months in config bills with the rules being disabled but in an odd state. Thankfully AWS gave us a credit, but I haven't really wanted to mess with them since. I'll give them another look now that the pricing is more in line with a usage model.
>AWS Config helps you assess and maintain compliance over your AWS resource configurations.<p>Well that's pretty cheeky, calling all us developers asses! ;)<p>What, that word was "assess"? Oh, never mind.<p>-The Emily Litella of the Net