AWS Config

1. AWS Config continuously monitors and evaluates the resource configurations in your environment.
2. AWS Config is a service that gives the ability to assess, audit, and evaluate the configurations of your AWS resources. It does not scan for vulnerabilities or network exposures.

Question

A company that hosts its web application on AWS wants to ensure all Amazon EC2 instances. Amazon RDS DB instances. and Amazon Redshift clusters are configured with tags. The company wants to minimize the effort of configuring and operating this check. What should a solutions architect do to accomplish this?

1. Use AWS Config rules to define and detect resources that are not properly tagged. (Correct Ans)
2. Use Cost Explorer to display resources that are not properly tagged. Tag those resources manually.
3. Write API calls to check all resources for proper tag allocation. Periodically run the code on an EC2 instance.
4. Write API calls to check all resources for proper tag allocation. Schedule an AWS Lambda function through Amazon CloudWatch to periodically run the code.