AWS Config Rules is a set of cloud governance capabilities that allow you to define guidelines for provisioning and configuring AWS resources as well as software within managed instances, including EC2 instances in your AWS account, and virtual machines (VMs) or servers in your on-premises environment. AWS Config Rules also enable you to continuously monitor compliance with those guidelines. You can choose from a set of pre-built rules based on common AWS best practices or define custom rules with AWS Config Rules. For example, you can ensure EBS volumes are encrypted, Elastic IP addresses (EIPs) are attached to instances, and managed instances have required applications installed. AWS Config Rules helps you monitor configuration changes to your resources and provides you a dashboard to track compliance status. Using AWS Config Rules, you can quickly determine when and how a resource became non-compliant.

