GargeeBhatnagar for AWS Community Builders

Compliance Check for EC2 and S3 Using AWS Config

“I have checked the AWS documentation to resolve the issue of compliance checks for AWS services. So I got AWS Config for compliance purposes. Pricing of AWS Config depends on the configuration items and rules created.”

AWS Config continually assesses, audits and evaluates the configurations and relationships of your resources on AWS, on premises and on other clouds.

In this post, you will learn how to run compliance checks for EC2 and S3 using AWS Config. Here I have used an EC2 server and an S3 bucket and checked their compliance using AWS Config rules.

Prerequisites

You’ll need an Amazon EC2 server for this post. Getting started with Amazon EC2 provides instructions on how to launch an EC2 server.

You’ll need an Amazon Simple Storage Service (Amazon S3) bucket for this post. Getting started with Amazon Simple Storage Service provides instructions on how to create a bucket. For this blog, I assume that I have an EC2 server and an S3 bucket created.

Architecture Overview

The architecture diagram shows the overall deployment architecture with data flow, Amazon EC2, Amazon S3 and AWS Config.

Solution overview

The blog post consists of the following phases:

  1. Create Rules for EC2 and S3 Compliance in AWS Config
  2. Enable Block Public Access Option in S3 Bucket for Compliance Purpose

I have an S3 bucket and an EC2 server as below → [screenshots of the S3 bucket and the EC2 instance]

Phase 1: Create Rules for EC2 and S3 Compliance in AWS Config

  1. Open the AWS Config console and add an AWS managed rule for the EC2 and S3 services. Once the rules are created, open the resource inventory and check out the compliant and noncompliant rules.

Phase 2: Enable Block Public Access Option in S3 Bucket for Compliance Purpose

  1. Open the S3 console and enable the Block Public Access option on the S3 bucket. The rules created for S3 will then be compliant.
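
The two phases above can also be scripted. The following is an added example, not code from the original post: it assumes Python with boto3-style clients, and the two managed rules it creates (`S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED` and `EC2_IMDSV2_CHECK`) are assumed picks, since the post does not name the rules it used.

```python
S3_RULE = "s3-bucket-level-public-access-prohibited"
MANAGED_RULES = {  # assumed picks: the post does not name its managed rules
    S3_RULE: ("S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED", "AWS::S3::Bucket"),
    "ec2-imdsv2-check": ("EC2_IMDSV2_CHECK", "AWS::EC2::Instance"),
}
BLOCK_ALL = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
             "BlockPublicPolicy": True, "RestrictPublicBuckets": True}


def create_rules(config):
    """Phase 1: register each AWS managed rule, scoped to its resource type."""
    for name, (identifier, rtype) in MANAGED_RULES.items():
        config.put_config_rule(ConfigRule={
            "ConfigRuleName": name,
            "Source": {"Owner": "AWS", "SourceIdentifier": identifier},
            "Scope": {"ComplianceResourceTypes": [rtype]},
        })


def noncompliant_ids(config, rule_name):
    """Return resource IDs the rule currently marks NON_COMPLIANT (paginated)."""
    ids = []
    kwargs = {"ConfigRuleName": rule_name, "ComplianceTypes": ["NON_COMPLIANT"]}
    while True:
        page = config.get_compliance_details_by_config_rule(**kwargs)
        for result in page.get("EvaluationResults", []):
            qualifier = result["EvaluationResultIdentifier"]["EvaluationResultQualifier"]
            ids.append(qualifier["ResourceId"])
        if not page.get("NextToken"):
            return ids
        kwargs["NextToken"] = page["NextToken"]


def block_public_access(config, s3):
    """Phase 2: enable Block Public Access on flagged buckets, then re-evaluate."""
    buckets = noncompliant_ids(config, S3_RULE)  # ResourceId is the bucket name
    for bucket in buckets:
        s3.put_public_access_block(Bucket=bucket,
                                   PublicAccessBlockConfiguration=BLOCK_ALL)
    if buckets:
        config.start_config_rules_evaluation(ConfigRuleNames=[S3_RULE])
    return buckets


if __name__ == "__main__":
    import boto3  # needs AWS credentials and a running Config recorder
    cfg = boto3.client("config")
    create_rules(cfg)  # a new rule needs time to evaluate before results appear
    print("Remediated buckets:", block_public_access(cfg, boto3.client("s3")))
```

Run `block_public_access` only after AWS Config has finished the first evaluation of the new rule; until then the noncompliant list is empty and nothing is changed.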

Clean-up

Delete the EC2 instance, the S3 bucket and the Config rules.

Pricing

I review the pricing and estimated cost of this example.

Cost of EC2 Instance = $0.09

Cost of S3 = $0.01

Cost of AWS Config = $0.005

Total Cost = $(0.09 + 0.01 + 0.005) = $0.105

Summary

In this post, I showed “how to do a compliance check for EC2 and S3 using AWS Config”.

For more details on AWS Config, check out Get started with AWS Config, or open the AWS Config console. To learn more, read the AWS Config documentation.

Thanks for reading!

Connect with me: LinkedIn