All Products
Search
Document Center

Cloud Config:Scenarios

Last Updated:Jun 14, 2023

Cloud Config can monitor large amounts of resources and evaluate the configuration compliance of these resources. Cloud Config allows you to monitor resources in multiple scenarios.

Centralized management and tracking of resource configurations

Managing resources of different cloud services deployed across regions causes much inconvenience. Cloud Config efficiently aggregates the resources of cloud services in different regions, provides a global resource list and fast retrieval, and records detailed snapshots of each resource configuration change. After you activate Cloud Config, you can view the list of resources aggregated from different cloud services that belong to your Alibaba Cloud account and are deployed across regions. You can also search for a specific resource and view its configuration snapshots.

Note

Some of your resources may not be displayed in the resource list because Cloud Config does not support the related Alibaba Cloud services. However, Cloud Config will support more Alibaba Cloud services and display more resources in the future.

Integration of cloud resources into the CMDB of an enterprise

After you activate Cloud Config, you can use the resource list and resource APIs to quickly integrate cloud resource configurations into the configuration management database (CMDB) of your enterprise to centrally manage resources. You can also use the resource change delivery capability for near real-time integration with CMDB. The resource snapshot delivery capability enables global statistics and analysis of cloud resources.

Efficient implementation of enterprise internal-control baselines

Generally, to ensure the order of business activities and stability and compliance of IT services, enterprises must take measures to monitor and audit IT services. The compliance library of Cloud Config provides a wide range of compliance packages and rule templates. Enterprises can enable compliance items based on their business requirements. Then, Cloud Config continuously checks the retained resources on the cloud. In addition, Cloud Config provides flexible custom rules. If a preset template cannot meet the specific management requirements of an enterprise, the enterprise can implement specific compliance items based on the custom rules to ensure the integrity of these requirements.

Regulations and industry standards pre-inspection

Cloud Config interprets regulations such as CIS, ISO 2.0, and PCI DSS, and detects cloud resource configurations. You can easily enable a compliance package. Then, Cloud Config continuously monitors the compliance of your resources. You can also download the compliance report and submit it to an inspection agency for auditing.

Cloud resource continuity and compliance

Cloud Config provides the automatic non-compliance remediation capability. You can quickly fix resource non-compliance based on automatic remediation to ensure the continuous compliance of cloud resources. In addition, Cloud Config also provides the non-compliant event delivery feature. Enterprises can flexibly select channels for event delivery, and implement monitoring and automatic handling of non-compliance events.