AWS Config
Collect Compliance Events From AWS Config
Dash allows teams to connect AWS Config and digest findings from AWS Config rule events in Dash. Customers can create custom scans and rules in AWS Config and pull additional insight related to AWS security configuration into Dash.
What Will You Need?
Dash ComplyOps v2.7.0 or greater – See how to update to the latest version of Dash
About 10 minutes of time
AWS Config Supported Regions
*Please Note: AWS Config integration currently works with AWS Config rules and findings in the Master AWS account and does not currently support findings from AWS sub-accounts.
Currently, Dash ComplyOps supports digesting AWS Config rules and findings for the following regions:
'us-east-1'
'us-east-2'
'us-west-1'
'us-west-2'
'ca-central-1'
Instructions To Connect AWS Config
1. Log in to your Dash ComplyOps application.
2. In the left sidebar, navigate to the Action Center.
3. In the Action Center, click the “Configure AWS Config” button.
4. You will then see the AWS Config page.
5. Enable AWS Config for one or more regions in an account by clicking on the AWS Config Settings button in the corner.
For the AWS account where Dash is installed, you can “Subscribe” or enable AWS findings for individual AWS regions.
*Please Note: AWS Config integration currently works with AWS Config rules and findings in the Master AWS account and does not currently support findings from AWS sub-accounts.
6. After enabling AWS Config for one or more regions, Dash will digest AWS Config findings and provide compliance insight across the application.
7. You should be able to see the following AWS Config Rules and mappings on the page:
Activated AWS Managed Rules (Rules that are AWS provided default rules)
Activated Custom AWS Config Rules (Rules that you have created yourself)
Your team is able to customize these rules as needed. They will appear in the Compliance Center issues list as they are newly detected by AWS Config.
Viewing AWS Config Findings
After connecting AWS Config to Dash ComplyOps, Dash will start to monitor and digest AWS Config rules and findings.
You can view the latest AWS Config findings by navigating to the Compliance Center.
AWS Config findings will appear under Compliance Center > Compliance Issues.
You can filter/sort compliance issues by AWS Config by clicking on the Sources filter in the right bar and selecting “AWS Config” under the filter.
Similar to other security findings, AWS Config issues can be viewed, resolved, and ignored in the Compliance Center.
Editing AWS Config Findings
In the AWS Config Action Center page, scroll down to the security findings and click “Edit Rule”.
The edit options will expand for the specific AWS Config finding. You can modify the following fields for each security finding:
Name – Name of the security issue/finding
Priority – Priority of the security finding (low, medium, or high)
Description – A description of the security finding.
Service – The AWS Service related to the AWS Config Rule
HIPAA Control Relationship – HIPAA controls/standards related to a compliance issue.
SOC 2 Control Relationship – SOC 2 controls/standards related to a compliance issue.
HITRUST Control Relationship – HITRUST controls/standards related to a compliance issue.
All edits to AWS Config findings will be shown in the Compliance Center and Reports Center based on mappings.
Note: Dash updates to the default AWS Config mappings may override individual edits to issue types/findings where Dash has updated the defined mapping.