A configuration package to enable AWS Config Rule Automatic Remediation for non-compliant environment changes. Remediation is carried out using SSM Documents, and an IAM Role with the required permissions is included in the template. Resources protected include S3 and EC2.