Use AWS Config Rules to Remediate Noncompliant Resources

AWS Config now includes remediation capability with AWS Config rules. This feature gives you the ability to associate and execute remediation actions with AWS Config rules to address noncompliant resources. You can choose from a list of available remediation actions. For example, you can create an AWS Config rule to check that your Amazon S3 buckets do not allow public read access. You can then associate a remediation action to disable public access for noncompliant S3 buckets.

Source:: Amazon AWS