AWS Config Proactive Compliance VS Control Tower Proactive Controls

0

Hi all,

I've a question regarding the new released features of AWS Control Tower and AWS Config. What is the difference between AWS Control Tower Proactive Controls and AWS Config Proactive Compliance and why should I use one instead of the other ?

and if there is a way to use AWS Config Proactive Compliance with CloudFormation ?

Thanks

profile picture
asked a year ago322 views
1 Answer
0

AWS Control Tower offers the easiest way to set up and govern a secure, multi-account AWS environment. Control Tower make use for AWS Config to detect(reactive) or prevent (proactive) policy violations. If the environment is single AWS account, we can just make use of AWS Config. We can make use of AWS CloudFormation Guard in your deployment pipelines to check for compliance proactively and ensure that a consistent set of policies are applied both before and after resources are provisioned. For more details, refers to blog at: https://aws.amazon.com/blogs/aws/new-aws-config-rules-now-support-proactive-compliance/

AWS
answered a year ago
  • there are any examples regarding the use of Cloudformation Guards with AWS Config rules in Proactive mode ?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions