Our Blog

AWS Config launches 42 new managed rules

Published
November 4, 2025
https://aws.amazon.com/about-aws/whats-new/2025/11/aws-config-launches-42-new-managed-rules/

AWS Config Launches 42 New Managed Rules

AWS Config has introduced 42 new managed rules for security, cost, durability, and operations. These rules can be searched, discovered, enabled, and managed directly from AWS Config, allowing you to govern more use cases for your AWS environment.

You can now enable these controls across your account or organization. For example, you can evaluate tagging strategies across Amazon EKS Fargate profiles, Amazon EC2 Network Insight Analyses, AWS Glue Machine Learning transforms, and assess security posture across Amazon Cognito Identity pools, Amazon Lightsail buckets, AWS Amplify apps, and more. Additionally, you can use Conformance Packs to group these new controls and deploy them across an account or organization, streamlining your multi-account governance.

New Rules Launched:

  • AMPLIFY_APP_NO_ENVIRONMENT_VARIABLES
  • AMPLIFY_BRANCH_DESCRIPTION
  • APIGATEWAY_STAGE_DESCRIPTION
  • APIGATEWAYV2_STAGE_DESCRIPTION
  • API_GWV2_STAGE_DEFAULT_ROUTE_DETAILED_METRICS_ENABLED
  • APIGATEWAY_STAGE_ACCESS_LOGS_ENABLED
  • APPCONFIG_DEPLOYMENT_STRATEGY_MINIMUM_FINAL_BAKE_TIME
  • APPCONFIG_DEPLOYMENT_STRATEGY_TAGGED
  • APPFLOW_FLOW_TRIGGER_TYPE_CHECK
  • APPMESH_VIRTUAL_NODE_CLOUD_MAP_IP_PREF_CHECK
  • APPMESH_VIRTUAL_NODE_DNS_IP_PREF_CHECK
  • APPRUNNER_SERVICE_IP_ADDRESS_TYPE_CHECK
  • APPRUNNER_SERVICE_MAX_UNHEALTHY_THRESHOLD
  • APS_RULE_GROUPS_NAMESPACE_TAGGED
  • AUDITMANAGER_ASSESSMENT_TAGGED
  • BATCH_MANAGED_COMPUTE_ENV_ALLOCATION_STRATEGY_CHECK
  • BATCH_MANAGED_SPOT_COMPUTE_ENVIRONMENT_MAX_BID
  • COGNITO_IDENTITY_POOL_UNAUTHENTICATED_LOGINS
  • COGNITO_USER_POOL_PASSWORD_POLICY_CHECK
  • CUSTOMERPROFILES_DOMAIN_TAGGED
  • DEVICEFARM_PROJECT_TAGGED
  • DEVICEFARM_TEST_GRID_PROJECT_TAGGED
  • DMS_REPLICATION_INSTANCE_MULTI_AZ_ENABLED
  • EC2_LAUNCH_TEMPLATES_EBS_VOLUME_ENCRYPTED
  • EC2_NETWORK_INSIGHTS_ANALYSIS_TAGGED
  • EKS_FARGATE_PROFILE_TAGGED
  • GLUE_ML_TRANSFORM_TAGGED
  • IOT_SCHEDULED_AUDIT_TAGGED
  • IOT_PROVISIONING_TEMPLATE_DESCRIPTION
  • IOT_PROVISIONING_TEMPLATE_JITP
  • IOT_PROVISIONING_TEMPLATE_TAGGED
  • KINESIS_VIDEO_STREAM_MINIMUM_DATA_RETENTION
  • LAMBDA_FUNCTION_DESCRIPTION
  • LIGHTSAIL_BUCKET_ALLOW_PUBLIC_OVERRIDES_DISABLED
  • RDS_MYSQL_CLUSTER_COPY_TAGS_TO_SNAPSHOT_CHECK
    • <


    If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.

Follow our blog

Get the latest insights and advice on AWS services from our experts.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

Check out other insights from the team at West Loop Strategy.

View all
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-s3-metadata-three-additional-regions/

Amazon S3 Metadata is now available in three additional AWS Regions

Amazon S3 Metadata is now available in three additional AWS Regions: Europe (Frankfurt), Europe (Ireland), and Asia Pacific (Tokyo)
Read more
https://aws.amazon.com/about-aws/whats-new/2025/09/aws-transfer-family-vpc-endpoint-policies

AWS Transfer Family now supports VPC endpoint policies and FIPS VPC endpoints

AWS Transfer Family now supports Virtual Private Cloud (VPC) endpoint policies for your VPC endpoints
Read more
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-connect-outbound-campaigns-preview-dialing/

Amazon Connect outbound campaigns supports preview dialing for greater agent control

Amazon Connect outbound campaigns now offers a preview dialing mode that gives agents more context about a customer before placing a call
Read more
View all