How to Auto Remediate AWS resources By Using AWS Config

2021/9/111 min read

AWS Config is a service that will record and evaluate all the changes at your AWS services, it will also provide remediate the changes. This blog will demo how to use AWS Config to auto remediate the S3 bucket to enable the versioning.

Imaging your role is managing the AWS account for your company and would like to make sure all services are in compliance with the company policy rule, one of the rules is S3 needs to enable the versioning, and server-side encryption should be enabled. If you just need to manage a few s3 buckets that might be fine, but if you need to manage dozens of buckets created by many different developers that might be hard to manage all s3 buckets. One service we can use is AWS Config for this scenario.