Cloud Config can monitor large amounts of resources and evaluate the configuration compliance of these resources. Cloud Config allows you to monitor resources in multiple scenarios.
Centralized resource management
Cloud Config aggregates resources in different regions to accelerate the query of resources, and records the configuration snapshots of the resources. This allows you to manage your resources across regions in a centralized manner. After you activate Cloud Config, you can view your resources in different regions. You can also filter a resource and view its configuration snapshots.
Compliance evaluation configuration
After you activate Cloud Config, you can configure rules and apply them to specified resource types. You can use managed rules in Cloud Config or create custom rules.
When the resource configurations of a specified type changes, the rules that are applied to the resource type are triggered to evaluate the compliance of the configurations.
Configuration change tracking and non-compliance review
After you activate Cloud Config, Cloud Config detects configuration changes of your resources every 10 minutes. You can view the configuration changes of each resource.
Cloud Config is integrated with ActionTrail. You can view the events that result in each configuration change. This allows you to track the time when a configuration error occurred and view the relevant operations log. This way, you can locate and view non-compliance issues.