The rules packages draw on all the knowledge Amazon has built up over the years, AWS senior vice president Andrew Jassy said. "You can tell which assessments were done, what findings they have, and what they actually did to remediate."
AWS Config Rules
The second tool, Config Rules, is designed to make compliance more straightforward. Users can set up compliance rules for resources and define specific actions that execute automatically if the rules are violated. The triggers can range from simply reporting the issue to appropriate parties to shutting down instances.
Developers can fire up and shut down storage, processing, and networking resources as needed on AWS. But in a fast-paced environment, it is very easy to overlook security guidelines and policies. Config Rules will automate the checks so that users can fix the issues as they are found, Amazon said.
Config Rules can ensure, for example, that every instance is associated with at least one security group or EC2 instances launched in a particular virtual private cloud are properly tagged. It can also check that port 22 is not open to any resource associated to a production security group. If the resource changes or a new one is created, Config Rules run and verify if the resource is still within the defined parameters.
Config Rules automates compliance checks, and all results are recorded and tracked on a per-resource basis. Config Rules could be very helpful for customers who may have forgotten about an instance or two sitting around in their environment. Config Rules can be used to shut down instances that aren’t in use or to look at the compliance status of a specific type of resource.
Accenture aims to get more users aboard the cloud
For a long time, many organizations held back from moving their workloads to cloud platforms because they were concerned about security. They weren’t sure how to secure the data being stored on servers they didn’t have full control over. There were questions about authentication and identity management, concerns over compliance, and issues with moving data securely.
At this year's Re:Invent conference, consulting giant Accenture announced a new AWS Business Group to help businesses address those worries and to migrate their applications to the cloud platform. Accenture recently bought Cloud Sherpas, a Google Cloud Platform consultancy, and it is clearly beefing up its cloud development and migration capabilities.
Sign up for CIO Asia eNewsletters.