Design considerations - Dynamic Object and Rule Extensions for AWS Network Firewall

Design considerations

Event-driven vs. continuous polling

This solution must resolve every object for every rule in the referenced rule group, so resolution is not an incremental process. An event-driven mechanism would have to handle the race condition between overlapping change events, which would make the solution more complex and the resolution less reliable, and would cause a high error rate on rule resolution. Therefore, the solution uses continuous polling as the main mechanism to resolve objects and rules.
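To make the race-condition argument concrete, here is an added illustration (constructed example code, not the solution's own implementation): the object names, rule names and CIDRs are assumed, and the event delivery order is deliberately shuffled to show why per-object version tracking becomes necessary the moment resolution is driven by events rather than by a full periodic poll.

```python
"""Added illustration: full periodic resolution vs. event-driven updates.
All rule names, object names and CIDRs below are constructed for the demo."""
from dataclasses import dataclass, field

# Constructed: each rule references named objects that resolve to CIDR lists.
RULES = {"allow-web": ["web-servers", "lb"], "allow-db": ["db-servers"]}


@dataclass
class Source:
    """Authoritative object store (stands in for the resource inventory)."""
    objects: dict = field(default_factory=dict)
    version: int = 0

    def update(self, name, cidrs):
        """Apply a change and return the change event it would emit."""
        self.version += 1
        self.objects[name] = list(cidrs)
        return (self.version, name, list(cidrs))


def resolve_all(rules, objects):
    """Polling approach: rebuild every rule from the current full state."""
    return {r: sorted(c for o in refs for c in objects.get(o, []))
            for r, refs in rules.items()}


def apply_events(rules, events, track_versions=False):
    """Event-driven approach: apply change events in arrival order.
    Without version tracking a late-arriving stale event overwrites newer data."""
    state, seen = {}, {}
    for ver, name, cidrs in events:
        if track_versions and seen.get(name, 0) > ver:
            continue  # discard an older event that arrived after a newer one
        seen[name] = max(seen.get(name, 0), ver)
        state[name] = cidrs
    return resolve_all(rules, state)


def race_demo():
    """Return (polled, evented_naive, evented_versioned) for the same changes."""
    src = Source()
    e1 = src.update("web-servers", ["10.0.1.0/24"])
    e2 = src.update("web-servers", ["10.0.1.0/24", "10.0.2.0/24"])
    e3 = src.update("lb", ["10.0.9.10/32"])
    e4 = src.update("db-servers", ["10.1.0.0/24"])
    polled = resolve_all(RULES, src.objects)
    shuffled = [e2, e1, e3, e4]  # e1 delivered after e2: the race
    return polled, apply_events(RULES, shuffled), apply_events(RULES, shuffled, True)
```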

Regional deployments

This solution uses AWS Network Firewall, which is not currently available in all AWS Regions. You must launch this solution in an AWS Region where both AWS Config and AWS Network Firewall are available. For the most current availability by Region, refer to the AWS Regional Services List.

As of June 2022, this solution is supported in the following Regions:

Region ID        Region name
us-east-1        US East (N. Virginia)
us-west-2        US West (Oregon)
eu-west-2        Europe (London)
ap-south-1       Asia Pacific (Mumbai)
ap-southeast-1   Asia Pacific (Singapore)
ap-southeast-2   Asia Pacific (Sydney)