All APIs
AWS Config logo

AWS Config

AWS Config

UpOpen Sourcecloudby Amazon Web Services62· JavaScript· MIT

AWS Config API records AWS resource configuration history — compliance audit, change tracking, and rule-based auto-alerts.

Visit site ↗Source ↗Health checked 12h ago
Use it when

Complete config history for 200+ resource types

Watch for

Charged by recording count and rule evaluations — enabling all regions can get expensive

First check

PutConfigurationRecorder to enable the recorder. PutConfigRule to add compliance rules. View results in Config Dashboard.

Auth
CORS
No
HTTPS
Yes
Signup
?
Latency
42 ms
Protocol
REST
Pricing
Stars
62

Uptime · 30-day window

Probes: 30Uptime: 100%Avg latency: 48ms

GitHub activity

62JavaScriptMIT17 open issuesLast commit 155d ago
01

About this API

AWS Config is a configuration management database — treats all your AWS resource configurations as "objects" with continuous recording and versioning on every change. Foundation for compliance and audit: regulator requires "all S3 buckets must be encrypted", Config continuously monitors every S3 bucket company-wide, alerting on violations; after a security incident, "who changed that security group yesterday" — Config provides full change timeline. Two rule types: managed rules (AWS-written, covering common compliance) and custom rules (your Lambda implementing business rules). Combined with Systems Manager Automation or Config remediation, supports auto-remediation — e.g. detect unencrypted S3 bucket, auto-enable encryption. Essential for enterprise AWS governance.

02

What you can build

  • 1Compliance audit (all S3 buckets must be encrypted)
  • 2Resource config change tracking (who changed which security group when)
  • 3Rule-based auto-alerts (immediate alert on 0.0.0.0/0 inbound)
  • 4Periodic compliance reporting
03

Strengths & limitations

Strengths

  • Complete config history for 200+ resource types
  • Built-in 100+ compliance rules (HIPAA, PCI, CIS, and other baselines)
  • Custom rules supported (Lambda)
  • Can pair with auto-remediation

Limitations

  • Charged by recording count and rule evaluations — enabling all regions can get expensive
  • Rule evaluations have latency (not real-time)
04

Getting started

PutConfigurationRecorder to enable the recorder. PutConfigRule to add compliance rules. View results in Config Dashboard.

05

FAQ

How expensive is Config?+

By recordings (~$0.003 per resource per change) + rule evaluations (~$0.001 per 1k). Full coverage all regions/types can cost $100-500/month for small companies.

Config vs. CloudTrail?+

CloudTrail records API calls (who called what); Config records resource state (what does the resource look like now). Complementary.

06

Technical details

CORS: NoHTTPS: YesSignup: ?Open source: Yes
Auth type
unknown
Pricing
unknown
Protocols
REST
SDKs
python, javascript, go, java, csharp
Response time
42 ms
Last health check
6/26/2026, 6:22:15 AM
07

Tags

awsconfigcomplianceauditgovernance
08

More from Amazon Web Services

View all from Amazon Web Services →
Access Analyzer
62

AWS IAM Access Analyzer API analyzes IAM resource policies for over-privileged access or external access — proactively surfaces security risks.

Alexa For Business
62

Alexa for Business helps you use Alexa in your organization.

Amazon API Gateway
62

Amazon API Gateway helps developers deliver robust, secure, and scalable mobile and web application back ends.

Amazon AppConfig
62

Use AppConfig, a capability of Amazon Web Services Systems Manager, to create, manage, and quickly deploy application configurations.

Amazon Appflow
62

Welcome to the Amazon AppFlow API reference.

Amazon AppIntegrations Service
62

The Amazon AppIntegrations service enables you to configure and reuse connections to external applications.

Amazon AppStream
62

Amazon AppStream 2.0 API Reference.

Amazon Athena
62

Amazon Athena is an interactive query service that lets you use standard SQL to analyze data directly in Amazon S3.