AWS Config now supports an easier way to author custom AWS Config rules using AWS CloudFormation Guard (cfn-guard). With this release, users with limited programming experience can use Guard to define and review custom policies that check your resources have desired configurations. AWS Config rules are a way of creating and implementing compliance policies against resource configurations. Currently, AWS Config offers both managed rules, which AWS builds and maintains to meet common compliance use cases, and custom rules, which users create to meet their specific compliance needs. Guard is an open source tool offering policy-as-code, such that users can define policies to validate JSON- or YAML-formatted data using a domain-specific language (DSL).
Source:: Amazon AWS