Need advice about which tool to choose?Ask the StackShare community!
AWS Config vs Skylight: What are the differences?
Introduction:
AWS Config and Skylight are two cloud services that provide configuration auditing and monitoring capabilities. While they both aim to help users ensure compliance and security of their cloud resources, there are several key differences between the two.
- Architecture and Deployment:
AWS Config is a fully managed service provided by Amazon Web Services(AWS). It allows users to assess, audit, and evaluate the configurations of their AWS resources. AWS Config collects and records configuration changes, and provides detailed information for resource history and change notifications. On the other hand, Skylight is a third-party cloud monitoring platform that offers real-time observability and security for infrastructure as code (IaC). Skylight's architecture involves deploying sensors within a user's environment to collect and analyze metadata across multiple cloud platforms.
- Supported Cloud Platforms:
AWS Config is tailored specifically for AWS services and can be used to monitor resources deployed within the AWS ecosystem. It supports a wide range of AWS resources including EC2 instances, S3 buckets, RDS instances, IAM roles, and more. While Skylight can also work with AWS, it supports multiple cloud platforms including AWS, Google Cloud Platform(GCP), and Microsoft Azure. This multi-cloud support makes Skylight a suitable choice for organizations that have a multi-cloud infrastructure.
- Configuration Monitoring vs. Runtime Monitoring:
AWS Config primarily focuses on configuration monitoring, providing insights into the historical and current state of AWS resource configurations. It enables users to assess how the configurations have changed over time, identify compliance violations, and troubleshoot issues related to resource configurations. In contrast, Skylight offers runtime monitoring capabilities by actively collecting and analyzing data from infrastructure deployments as they are running. Skylight can detect and alert on misconfigurations, vulnerabilities, and potential security risks in real-time.
- Remediation and Automation:
AWS Config provides users with insights and recommendations regarding configuration best practices and security standards. It also supports rule-based compliance checks and provides remediation options for non-compliant resources. Users can integrate AWS Config with AWS Systems Manager Automation to automate remediation tasks based on the identified configuration changes. Skylight, on the other hand, focuses on providing alerts and visibility into the runtime behavior of cloud resources. While Skylight offers integrations with tools like Terraform and Ansible for configuration management, it does not have built-in remediation capabilities.
- Cost Structure:
AWS Config has its own pricing structure based on the number of configuration items recorded and the number of rules evaluated. Users need to consider the costs associated with AWS Config before enabling it for their AWS accounts. Conversely, Skylight has a subscription-based pricing model which includes a fixed fee per monitored cloud account. The pricing is typically determined by the number of cloud accounts and the volume of monitored resources.
- Vendor Lock-in:
As AWS Config is a service provided by AWS, it may have dependencies and integrations with other AWS offerings. Users relying heavily on AWS services may find it easier to use AWS Config due to its seamless integration with the AWS ecosystem. Skylight, being a third-party solution, offers a more agnostic approach and can be used across multiple cloud platforms, reducing the risk of vendor lock-in.
In summary, AWS Config and Skylight differ in terms of their architecture, supported cloud platforms, focus on configuration monitoring vs. runtime monitoring, remediation capabilities, cost structure, and vendor lock-in. Understanding these differences can help organizations choose the right cloud monitoring solution based on their specific requirements and cloud infrastructure setup.
Pros of AWS Config
- Backed by Amazon4
- One stop solution2
Pros of Skylight
- Beautiful UI11
- Sort by 'agony' - lists low hanging fruit fixes8
- Made by ember.js and rails core team members8
- Actionable analytics with concrete numbers7
- Free tier6
- Shows you repeat db queries4
- Great for production use3
- Setup in a minute2
- Weekly email w/performance trends1
- Full MVC profile1
Sign up to add or upvote prosMake informed product decisions
Cons of AWS Config
- Not user friendly2
Cons of Skylight
- Comparing different timeframes is difficult1