Workload Security supports the use of AWS Config Rules to query the status of your
AWS instances. This can be especially useful if you want to have a centralized view
into whether your instances meet certain compliance requirements.
There are four Lambda functions available from the Deep Security AWS Config Rules Repository on GitHub:
ds-IsInstanceProtectedByAntiMalwarechecks whether the current instance is protected by the Workload Security Anti-Malware module.ds-IsInstanceProtectedBychecks whether the current instance is protected by any of the Workload Security protection modules. This is a generic version of ds-IsInstanceProtectedByAntiMalware.ds-DoesInstanceHavePolicychecks whether the current instance is protected by a specific Workload Security policy.ds-IsInstanceClearchecks whether the current instance has any warnings, alerts, or errors in Workload Security.
For more information about AWS Config, see the AWS Config section of the Amazon AWS website.