Amazon Config · Capability

Amazon Config Compliance and Governance

Workflow capability for AWS resource configuration tracking, compliance evaluation, configuration history auditing, and automated remediation using Amazon Config. Used by security engineers and compliance officers to enforce governance policies and audit configuration changes across AWS infrastructure.

Run with Naftiko AmazonAWSComplianceConfiguration ManagementGovernanceSecurityAuditingRemediation

What You Can Do

GET
List config rules — List all AWS Config rules.
/v1/config-rules
PUT
Put config rule — Create or update a Config rule.
/v1/config-rules
GET
Get resource compliance — Get compliance status for AWS resources.
/v1/compliance/resources
GET
Get compliance summary — Get compliance summary across resource types.
/v1/compliance/summary
GET
List resources — List discovered AWS resources of a given type.
/v1/resources
GET
Get config history — Get configuration history for a resource.
/v1/resources/{resource_type}/{resource_id}/history
POST
Start remediation — Start remediation execution for noncompliant resources.
/v1/remediation

MCP Tools

list-config-rules

List all AWS Config compliance rules in the account.

read-only
check-resource-compliance

Check compliance status of a specific AWS resource against Config rules.

read-only
check-rule-compliance

Check compliance status across all resources for a specific Config rule.

read-only
get-compliance-summary

Get a summary of compliant vs noncompliant resources by resource type.

read-only
list-resources

List all discovered AWS resources of a given type in Config inventory.

read-only
get-resource-history

Get the configuration history for a specific AWS resource.

read-only
get-current-config

Get the current configuration of one or more AWS resources.

read-only
create-config-rule

Create or update an AWS Config compliance rule.

delete-config-rule

Delete an AWS Config compliance rule.

start-remediation

Start automated remediation for noncompliant resources.

APIs Used

config