Skip to main content

Resoto vs. AWS Config

Resoto is an open-source alternative to AWS Config.

AWS Config provides an overview of the configuration of AWS resources in your AWS account, including an overview of how resources are related to one another.

Similarities Between Resoto and AWS Config

Both AWS Config and Resoto offer cloud asset inventory functionality to assess, audit, and evaluate configurations of your AWS resources.

With either tool, you can:

  • Create an inventory of your AWS resources
  • Track changes and manage compliance
  • Filter and find resources that match different criteria
  • Automate remediation

Differences Between Resoto and AWS Config

AWS Config is a native AWS service, and as such it only covers AWS resources and is optimized for integrating with the AWS product ecosystem.

Resoto, on the other hand, also supports Kubernetes and other cloud providers (including Google Cloud and DigitalOcean).

ResotoAWS Config
Resource CoverageSupports over 200 AWS resource types and supports all AWS regions.Covers about 200 AWS resource types, not all of which are supported in every AWS region.
Multi-CloudCloud agnostic and can be used as a single control plane for multiple clouds.

Open source and offers an SDK that makes it easy to add support for additional platforms and resources (e.g., on-prem or SaaS).
Purpose-built for AWS and lacks support for other clouds.
Full-Text SearchCreates an inventory of discovered resources and offers full-text search as an easy way to explore your cloud inventory.Does not offer full-text search.
Resource VisualizationOffers dashboards for visual exploration of resources and their relationships.

Also includes a graph view, which depicts how resources are connected.
Part of the general AWS Console experience.

To visualize data, needs to be integrated with S3 for storage, Athena for querying, and Quicksight for dashboards.
RemediationIntegrates analytics and governance into a single product to enforce policies and perform actions on resources.

Offers commands and jobs to automate remediation.

Can be used to write custom code and rules for any resource in a cloud-agnostic way.
Offers remediation in combination with AWS Systems Manager and AWS Security Hub.

Requires writing custom or using predefined runbooks maintained by AWS.
PricingOpen-source and free to use.

To deploy Resoto to AWS, you just need an EKS cluster running on an EC2 instance.
Complex pricing matrix based on the number of configuration items recorded, rules evaluated, and conformance packs enabled.

There are additional costs for data storage in S3, notifications through Amazon SNS, running custom rules using AWS Lambda, and usage of QuickSight dashboards.
LimitsNo limits on the number of accounts to collect inventory data from or the number of searches, checks, and jobs you can run on the inventory.Has hard and soft quota limits (see AWS Config Service Limits).

Hard quotas that cannot be increased
Limit DescriptionMaximum
Accounts in an aggregator10,000
Conformance packs per account50
AWS Config Rules per conformance pack130
AWS Config Rules per Region per account across all conformance packs150
Conformance packs per organization50
AWS Config Rules per organization conformance pack130
AWS Config Rules per Region per account across all organization conformance packs350

Contact Us

Have feedback or need help? Don’t be shy—we’d love to hear from you!




Some Engineering Inc.