It's incredibly frustrating too, because the Config recorder builds a nice graph of related objects for you (although it would be nice if they added ARN references rather than just IDs) and the Config rules 'marketplace' could be a nice place for vendors to ship a variety of regulatory and standards compliance kits.
We have hundreds of AWS accounts and all but ignore the service in favor of third party, open source and in-house built products with appropriate coverage.
This is welcome. I got a rude awakening the first time I turned config rules on when the bill came in, and it kept coming even after they were killed in the UI. I had racked up over $100 in a few months in config bills with the rules being disabled but in an odd state. Thankfully AWS gave us a credit, but I haven't really wanted to mess with them since. I'll give them another look now that the pricing is more in line with a usage model.
https://docs.aws.amazon.com/config/latest/developerguide/res...
It's incredibly frustrating too, because the Config recorder builds a nice graph of related objects for you (although it would be nice if they added ARN references rather than just IDs) and the Config rules 'marketplace' could be a nice place for vendors to ship a variety of regulatory and standards compliance kits.
We have hundreds of AWS accounts and all but ignore the service in favor of third party, open source and in-house built products with appropriate coverage.