Amazon Config Compliance and Governance
Workflow capability for AWS resource configuration tracking, compliance evaluation, configuration history auditing, and automated remediation using Amazon Config. Used by security engineers and compliance officers to enforce governance policies and audit configuration changes across AWS infrastructure.
What You Can Do
MCP Tools
list-config-rules
List all AWS Config compliance rules in the account.
check-resource-compliance
Check compliance status of a specific AWS resource against Config rules.
check-rule-compliance
Check compliance status across all resources for a specific Config rule.
get-compliance-summary
Get a summary of compliant vs noncompliant resources by resource type.
list-resources
List all discovered AWS resources of a given type in Config inventory.
get-resource-history
Get the configuration history for a specific AWS resource.
get-current-config
Get the current configuration of one or more AWS resources.
create-config-rule
Create or update an AWS Config compliance rule.
delete-config-rule
Delete an AWS Config compliance rule.
start-remediation
Start automated remediation for noncompliant resources.