Ensure that the Amazon Config service references an active S3 bucket so that it can save configuration information (history files and snapshots) for auditing purposes.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Amazon Config tracks changes to the configuration of your AWS resources and regularly sends updated configuration details to an S3 bucket that you specify. When AWS Config is not referencing an active S3 bucket, the service cannot send the recorded information to the designated bucket, so you lose the ability to audit the configuration changes made within your AWS account later.
To determine if the AWS Config service is unable to save configuration information (history files and configuration snapshots) because of an inactive S3 bucket, perform the following actions:
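One way to script this check, as an added example that is not the original page's audit procedure or Conformity's code: it reads each region's `describe-delivery-channels` response and probes the referenced bucket with S3 `HeadBucket`. The region names, bucket names, status labels and the `fake_probe` stand-in are constructed for illustration; `boto3_probe` assumes boto3 and AWS credentials are available.

```python
# Constructed sample: per-region responses shaped like the output of
# `aws configservice describe-delivery-channels`.
SAMPLE = {
    "us-east-1": {"DeliveryChannels": [
        {"name": "default", "s3BucketName": "example-config-logs"}]},
    "eu-west-1": {"DeliveryChannels": [
        {"name": "default", "s3BucketName": "example-deleted-bucket"}]},
    "ap-southeast-2": {"DeliveryChannels": [
        {"name": "default", "s3BucketName": "example-central-audit"}]},
    "sa-east-1": {"DeliveryChannels": []},
}

# HeadBucket outcome -> label. 404 means the bucket no longer exists.
# 403 means it exists but this caller cannot see it (for example a central
# audit bucket in another account), so it needs a manual check.
STATUS = {"200": "ACTIVE", "404": "MISSING", "403": "UNVERIFIED"}

def boto3_probe(bucket):
    """Live probe; assumes boto3 and credentials. Not used by the sample run."""
    import boto3
    from botocore.exceptions import ClientError
    try:
        boto3.client("s3").head_bucket(Bucket=bucket)
        return "200"
    except ClientError as err:
        return err.response["Error"]["Code"]

def fake_probe(bucket):
    """Offline stand-in for boto3_probe, using constructed results."""
    return {"example-config-logs": "200",
            "example-central-audit": "403"}.get(bucket, "404")

def audit(channels_by_region, probe):
    """Return (region, bucket, status) for every delivery channel."""
    findings = []
    for region, resp in sorted(channels_by_region.items()):
        channels = resp.get("DeliveryChannels", [])
        if not channels:
            findings.append((region, None, "NO_CHANNEL"))
        for channel in channels:
            bucket = channel.get("s3BucketName")
            code = probe(bucket) if bucket else "404"
            findings.append((region, bucket, STATUS.get(code, "ERROR:" + code)))
    return findings

if __name__ == "__main__":
    for region, bucket, status in audit(SAMPLE, fake_probe):
        print(f"{region:16} {bucket or '-':26} {status}")
```

Pass `boto3_probe` instead of `fake_probe` to run the same classification against a live account.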
Remediation / Resolution
To update Amazon Config service configurations that reference missing S3 buckets, perform the following:
You are auditing:
AWS Config Referencing Missing S3 Bucket
Risk level: High