The AWS Security Blog for Mar 1st 2016 announced the AWS Config Rules Repository.
AWS Config Rules
Amazon announced AWS Config in November 2014 to provide a historical record of the configuration of an AWS environment. AWS Config Rules is an extension of the AWS Config service. Rules check that the recorded configuration meets specific parameters. AWS Lambda functions are triggered when the environment deviates from the expected configuration.
Administrators can automatically detect and remediate changes to an existing AWS environment using AWS Config Rules. Simple misconfigurations, like outdated AMI IDs being used in old CloudFormation templates, can be detected. Potentially high-impact, security-related changes, such as the unauthorized creation of an internet gateway, can be prevented.
Security-conscious organizations will still want to proactively restrict users from accidents or malicious activity using AWS Identity and Access Management (IAM) Policies and Roles. A defense-in-depth strategy benefits from AWS Config Rules as a backup for those proactive controls.
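The following is an added example, not code from the AWS Config Rules Repository or from the original post, showing the shape of a custom AWS Config rule written as an AWS Lambda function in Python. It implements the internet gateway scenario mentioned above: the rule is invoked when a configuration item changes, evaluates whether an AWS::EC2::InternetGateway is attached to a VPC outside an allowlist passed in the rule parameters, and reports the result back to AWS Config with `put_evaluations`. The rule parameter name `allowedVpcIds`, the constructed sample event, and the assumption that the gateway's `configuration` mirrors the EC2 DescribeInternetGateways shape (`attachments` with `vpcId` and `state`) are this example's own, not taken from the page.

```python
"""Custom AWS Config rule (added example): flag internet gateways attached to
VPCs that are not on an allowlist, and report the result to AWS Config."""
import json

COMPLIANT = "COMPLIANT"
NON_COMPLIANT = "NON_COMPLIANT"
NOT_APPLICABLE = "NOT_APPLICABLE"


def evaluate_compliance(configuration_item, rule_parameters):
    """Return (compliance_type, annotation) for one AWS Config configuration item.

    Assumption: the gateway 'configuration' mirrors the EC2 DescribeInternetGateways
    output, i.e. {"attachments": [{"vpcId": "...", "state": "..."}]}.
    """
    # A deleted resource cannot be compliant or non-compliant; tell Config to drop it.
    if configuration_item.get("configurationItemStatus") in ("ResourceDeleted", "ResourceDeletedNotRecorded"):
        return NOT_APPLICABLE, "Resource was deleted"
    if configuration_item.get("resourceType") != "AWS::EC2::InternetGateway":
        return NOT_APPLICABLE, "Rule only evaluates internet gateways"

    # Rule parameters arrive as strings; 'allowedVpcIds' is a comma-separated list (assumed name).
    raw = rule_parameters.get("allowedVpcIds", "")
    allowed = {v.strip() for v in raw.split(",") if v.strip()}

    attachments = configuration_item.get("configuration", {}).get("attachments", [])
    offending = sorted({a["vpcId"] for a in attachments if a.get("vpcId") and a["vpcId"] not in allowed})
    if offending:
        return NON_COMPLIANT, "Attached to VPC(s) not on the allowlist: " + ", ".join(offending)
    return COMPLIANT, "No attachment outside the allowlist"


def build_evaluation(configuration_item, compliance_type, annotation):
    """Shape one result the way the AWS Config PutEvaluations API expects."""
    return {
        "ComplianceResourceType": configuration_item["resourceType"],
        "ComplianceResourceId": configuration_item["resourceId"],
        "ComplianceType": compliance_type,
        "Annotation": annotation[:256],  # Config limits annotations to 256 characters
        "OrderingTimestamp": configuration_item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context, config_client=None):
    """Lambda entry point. 'invokingEvent' and 'ruleParameters' are JSON strings in the event."""
    invoking_event = json.loads(event["invokingEvent"])
    rule_parameters = json.loads(event.get("ruleParameters") or "{}")
    configuration_item = invoking_event["configurationItem"]

    compliance_type, annotation = evaluate_compliance(configuration_item, rule_parameters)
    evaluation = build_evaluation(configuration_item, compliance_type, annotation)

    if config_client is None:  # real deployment: talk to the AWS Config API
        import boto3
        config_client = boto3.client("config")
    config_client.put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation


class RecordingConfigClient:
    """Stand-in for boto3's Config client so the rule can be exercised offline."""

    def __init__(self):
        self.calls = []

    def put_evaluations(self, **kwargs):
        self.calls.append(kwargs)
        return {"FailedEvaluations": []}


# Constructed sample invocation: a gateway attached to a VPC that is not allowlisted.
SAMPLE_EVENT = {
    "invokingEvent": json.dumps({
        "messageType": "ConfigurationItemChangeNotification",
        "configurationItem": {
            "resourceType": "AWS::EC2::InternetGateway",
            "resourceId": "igw-0constructed",
            "configurationItemStatus": "ResourceDiscovered",
            "configurationItemCaptureTime": "2016-03-01T12:00:00.000Z",
            "configuration": {"attachments": [{"vpcId": "vpc-0unexpected", "state": "available"}]},
        },
    }),
    "ruleParameters": json.dumps({"allowedVpcIds": "vpc-0allowed1, vpc-0allowed2"}),
    "resultToken": "constructed-result-token",
}

if __name__ == "__main__":
    client = RecordingConfigClient()
    print(json.dumps(lambda_handler(SAMPLE_EVENT, None, client), indent=2))
```

The compliance decision lives in `evaluate_compliance`, which is a pure function of the configuration item and the rule parameters, so it can be unit-tested without AWS credentials; only `lambda_handler` touches the Config API, and it accepts an injected client for exactly that reason.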
AWS Config Rules Repository
Many organizations face the same concerns related to security and compliance. Many organizations also handle security and compliance issues in a very similar way, for example, creating a ticket for the Security Operations Center (SOC) to investigate or closing a port which should never have been opened.
The AWS Config Rules Repository provides examples of how to detect and react to many common scenarios. This is a benefit for organizations looking for advice on what to deny and how to react if other controls failed.
Some rules are written in Python and need to be packaged for deployment.
At the time of this update, there was a lone Java example, which included a Maven POM for packaging ready for AWS Lambda and detects whether MFA is enabled on the root account.
The AWS Lambda functions can be found on GitHub at GitHub – awslabs/aws-config-rules: Repository of sample Custom Rules for AWS Config.