Creating custom config rules

The process for creating a custom config rule is largely the same as the one used for managed rules, apart from a few changes here and there. In this section, we will explore how to create a simple compliance rule that triggers a config compliance alert whenever a user launches an EC2 instance of any instance type other than t2.micro:

  1. To get started, select the Rules option from the AWS Config navigation pane, then select the Add custom rule button on the Add rule page. Creating a custom rule starts off like any other, by providing a suitable Name and Description for the rule. Now, here's where the actual change occurs. Custom config rules rely on AWS Lambda to run and trigger the compliance checks. This is a good fit, as Lambda functions are event driven and well suited to hosting the business logic for our custom rules.
  2. Select Create AWS Lambda function to get things started. Here, I'm going to make use of a pre-defined Lambda blueprint that was created specifically to work in conjunction with AWS Config. Alternatively, you can write your config rule's business logic from scratch and deploy it in a fresh function. For now, type the following text in the Blueprints filter, as shown in the following screenshot (config-rule-change-triggered):
  3. Ensure that the blueprint is selected, and click on Next to continue.
  4. On the function's Basic Information page, provide a Name for your function, then select the Create new role from template(s) option from the Role drop-down list. The role provides the Lambda function with the permissions it needs to read from EC2 and to write its results back to AWS Config and to Amazon CloudWatch.
  5. Type in a suitable Role name and select the Create function option to complete the process. Once the function is deployed, make a note of its ARN, as we will need it in the next step.
  6. Return to the AWS Config Add custom rule page and paste the newly created function's ARN into the AWS Lambda function ARN field, as shown in the following screenshot:
  7. With the function's ARN pasted, the rest of the configuration for the custom rule remains the same. Unlike the managed rules, you can change the Trigger type between Configuration changes and Periodic, as per your requirements. In this case, I've opted for Configuration changes as my trigger mechanism, followed by EC2: Instance as the Resource type.
  8. Last, but not least, we also need to specify the Rule parameters, which is a key-value pair that defines an attribute against which your resources will be validated. In this case, desiredInstanceType is the Key and t2.micro is the Value. Click Save to complete the setup process:
  9. With the rule in place, all you need to do now is take it for a small test run! Go ahead and launch a new EC2 instance of an instance type other than t2.micro. Remember that the instance has to be launched in the same region as your Lambda function! Sure enough, once the instance is launched, the change is immediately reflected in AWS Config's dashboard:
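The steps above wire the rule up in the console but never show what the function behind it actually does. The following is an added example, written for this section and not the source of the config-rule-change-triggered blueprint or of AWS Config itself, of a Lambda handler that does the same job: it parses the configuration-change event AWS Config sends, compares the instance's `instanceType` with the `desiredInstanceType` rule parameter, and reports COMPLIANT or NON_COMPLIANT back through `put_evaluations`. The function and variable names, and the sample event at the bottom (instance ID, timestamp, result token), are all constructed for the example; the event field names are the ones AWS Config uses for configuration-change invocations.

```python
"""Added example of a change-triggered AWS Config rule handler (not the blueprint's own code)."""
import json

# Resource types this rule evaluates; anything else is reported as NOT_APPLICABLE
APPLICABLE_RESOURCES = ["AWS::EC2::Instance"]


def evaluate_compliance(configuration_item, rule_parameters):
    """Return (compliance_type, annotation) for a single configuration item.

    The comparison is against the desiredInstanceType key entered under
    Rule parameters on the Add custom rule page.
    """
    if configuration_item["resourceType"] not in APPLICABLE_RESOURCES:
        return "NOT_APPLICABLE", "Rule only applies to EC2 instances"
    # A deleted instance can no longer be non-compliant; reporting
    # NOT_APPLICABLE lets AWS Config clear any earlier finding for it.
    if configuration_item["configurationItemStatus"] == "ResourceDeleted":
        return "NOT_APPLICABLE", "Resource was deleted"
    desired = rule_parameters.get("desiredInstanceType")
    if not desired:
        # Fail loudly rather than silently marking everything compliant
        raise ValueError("rule parameter desiredInstanceType is required")
    actual = configuration_item["configuration"]["instanceType"]
    if actual == desired:
        return "COMPLIANT", "Instance type %s matches desired type" % actual
    return "NON_COMPLIANT", "Instance type %s differs from desired %s" % (actual, desired)


def build_evaluation(event):
    """Parse the AWS Config invocation event and build the evaluation record
    that put_evaluations expects. invokingEvent and ruleParameters arrive as
    JSON strings, so both are decoded first."""
    invoking_event = json.loads(event["invokingEvent"])
    rule_parameters = json.loads(event.get("ruleParameters") or "{}")
    item = invoking_event["configurationItem"]
    compliance_type, annotation = evaluate_compliance(item, rule_parameters)
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance_type,
        "Annotation": annotation,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context):
    """Entry point invoked by AWS Config on each configuration change."""
    evaluation = build_evaluation(event)
    import boto3  # imported here so the evaluation logic above stays testable offline
    config = boto3.client("config")
    # resultToken ties this result back to the specific rule invocation
    config.put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation


# Constructed sample event in the shape AWS Config sends for a configuration change
SAMPLE_EVENT = {
    "invokingEvent": json.dumps({
        "configurationItem": {
            "resourceType": "AWS::EC2::Instance",
            "resourceId": "i-0123456789abcdef0",  # constructed instance ID
            "configurationItemStatus": "OK",
            "configurationItemCaptureTime": "2018-01-01T00:00:00.000Z",
            "configuration": {"instanceType": "t2.large"},
        },
        "messageType": "ConfigurationItemChangeNotification",
    }),
    "ruleParameters": json.dumps({"desiredInstanceType": "t2.micro"}),
    "resultToken": "constructed-result-token",
}

if __name__ == "__main__":
    # Running the file locally shows the evaluation the handler would send
    print(json.dumps(build_evaluation(SAMPLE_EVENT), indent=2))
```

Running the file locally evaluates the constructed event (a t2.large launch) and prints a NON_COMPLIANT record; only `lambda_handler` touches AWS, which is why the sample runs without credentials. Keeping the comparison in `evaluate_compliance` also makes the deleted-resource and missing-parameter cases easy to unit test before the function is deployed behind a live rule.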

With this, we come to the end of this section as well as the chapter! However, before we conclude, here's a quick look at some interesting best practices and next steps that you ought to keep in mind when working with AWS CloudTrail and AWS Config!
