AWS Config Proactive Compliance VS Control Tower Proactive Controls
Hi all,
I've a question regarding the new released features of AWS Control Tower and AWS Config. What is the difference between AWS Control Tower Proactive Controls and AWS Config Proactive Compliance and why should I use one instead of the other ?
and if there is a way to use AWS Config Proactive Compliance with CloudFormation ?
Thanks
- 최신
- 최다 투표
- 가장 많은 댓글
AWS Control Tower offers the easiest way to set up and govern a secure, multi-account AWS environment. Control Tower make use for AWS Config to detect(reactive) or prevent (proactive) policy violations. If the environment is single AWS account, we can just make use of AWS Config. We can make use of AWS CloudFormation Guard in your deployment pipelines to check for compliance proactively and ensure that a consistent set of policies are applied both before and after resources are provisioned. For more details, refers to blog at: https://aws.amazon.com/blogs/aws/new-aws-config-rules-now-support-proactive-compliance/
there are any examples regarding the use of Cloudformation Guards with AWS Config rules in Proactive mode ?