AWS Config is a fully managed service that
provides you with an AWS resource inventory,
configuration history, and configuration change notifications to enable
security and governance. The Config Rules feature enables you to create rules
that automatically check the configuration of AWS resources recorded by AWS
Config.
With AWS Config, you can discover existing and
deleted AWS resources, determine your overall compliance against rules, and
dive into configuration details of a resource at any point in time. These
capabilities enable compliance auditing, security analysis, resource change
tracking, and troubleshooting.