How could I set up an AWS Config rule for any changes made to my instance?


I have EC2 Instances launching automatically from my AMI setup to a LB and ASG. I want to now configure a security service like AWS Config to monitor my EC2 Instance for any Configuration changes.

The issue I am having is knowing which rule in AWS Managed Rule monitors the configuration as I don't see any that specifically does. I see alb-http-to-https-redirection-check, cloudwatch-alarm-resource-check, desired-instance-tenancy, approved-amis-by-tag and ami-by-id.

Not sure what to do as none of these suit my use case.

There are 2 best solutions below

5
On

Here is the information on how you can create a config rule.

You can select a specific AWS resource like an EC2 instance from the resource list, and then on the second step you will find a list of managed rules. You can select all the rules for configuration changes that you want to record for your instance.

0
On

Initially create the config without selecting any rules. Then later come back to the config, click the Rules tab, and add rules. You should be able to see all the rules and select the ones needed.
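The console steps in both answers (record only the EC2 instance resource type, then attach managed rules afterwards) can also be scripted with boto3. This is an added example, not code from either answer; the role ARN, bucket name, AMI ID, rule-name prefix and region are constructed placeholders, and `apply` assumes credentials with permission to manage AWS Config.

```python
import json

EC2_INSTANCE = "AWS::EC2::Instance"

def recorder_request(role_arn, name="default"):
    """Body for put_configuration_recorder: record EC2 instances only."""
    return {
        "name": name,
        "roleARN": role_arn,
        "recordingGroup": {
            "allSupported": False,
            "includeGlobalResourceTypes": False,
            "resourceTypes": [EC2_INSTANCE],
        },
    }

def managed_rule_request(source_identifier, parameters=None):
    """Body for put_config_rule: an AWS managed rule scoped to EC2 instances."""
    rule = {
        # Rule name is our own convention (assumption), derived from the identifier.
        "ConfigRuleName": "ec2-" + source_identifier.lower().replace("_", "-"),
        "Scope": {"ComplianceResourceTypes": [EC2_INSTANCE]},
        "Source": {"Owner": "AWS", "SourceIdentifier": source_identifier},
    }
    if parameters:
        # AWS Config expects rule parameters as a JSON-encoded string.
        rule["InputParameters"] = json.dumps(parameters, sort_keys=True)
    return rule

# Managed rules named in the question; parameter values are placeholders.
RULES = [
    ("DESIRED_INSTANCE_TENANCY", {"tenancy": "DEFAULT"}),
    ("APPROVED_AMIS_BY_ID", {"amiIds": "ami-EXAMPLE"}),
]

def apply(role_arn, bucket, rules=RULES, region="us-east-1"):
    """Create the recorder first, then add the rules (needs boto3 and credentials)."""
    import boto3  # imported here so the builders above work without it
    cfg = boto3.client("config", region_name=region)
    cfg.put_configuration_recorder(ConfigurationRecorder=recorder_request(role_arn))
    # The recorder cannot start until a delivery channel exists.
    cfg.put_delivery_channel(DeliveryChannel={"name": "default", "s3BucketName": bucket})
    cfg.start_configuration_recorder(ConfigurationRecorderName="default")
    for identifier, params in rules:
        cfg.put_config_rule(ConfigRule=managed_rule_request(identifier, params))

if __name__ == "__main__":
    print(json.dumps(recorder_request("arn:aws:iam::111122223333:role/EXAMPLE"), indent=2))
    for identifier, params in RULES:
        print(json.dumps(managed_rule_request(identifier, params), indent=2))
```

Running the file directly only prints the request bodies; nothing is sent to AWS unless `apply` is called.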