AWS Config supports internal service-linked rules
AWS Config now supports internal service-linked rules, allowing AWS services to evaluate resource configurations using managed rules. This feature enables integrated security and compliance capabilities by letting services like Security Hub deploy and manage rule evaluations, with results delivered at no charge to customers. These rules operate independently of customer-managed recorders, offering enhanced governance and auditing flexibility.
- →AWS services can now deploy and manage AWS Config rules
- →Evaluation results delivered at no charge from AWS Config
- →Independent operation from customer-managed recorders
Features (1) ›
- AWS services can now deploy and manage AWS Config rules
AWS Config now supports internal service-linked rules, enabling AWS services to evaluate resource configurations using managed rules. Services such as AWS Security Hub can deploy and manage rule evaluations for their specific functionality, providing integrated security and compliance capabilities.
Enhancements (2) ›
- Evaluation results delivered at no charge from AWS Config
Evaluation results for internal service-linked rules are delivered directly to the AWS service that deployed the rule, at no additional charge from AWS Config to customers.
- Independent operation from customer-managed recorders
Internal service-linked rules operate independently of existing customer-managed AWS Config recorders and rules. This allows customers to continue using AWS Config for their own inventory, governance, compliance, and auditing needs while AWS services manage their specific evaluations separately.
https://aws.amazon.com/about-aws/whats-new/2026/06/aws-config-supports-internal-service-linked-rules