Questions tagged [aws-config]

AWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.

AWS Config documentation

124 questions
0 votes, 0 answers

AWS Config rule evaluation result retention time

I'm observing inconsistent behavior w/ the GetComplianceDetailsByConfigRule API. For account A1, I have two rules, R1 & R2, which are applied to EC2 instances. Calling GetComplianceDetailsByConfigRule for each, I get evaluation results for R1 that…
Tianxiang Xiong
0 votes, 0 answers

Prevent CodeBuild projects without VPC

I need to prevent AWS users from creating CodeBuild projects without the VPC set. My organization wants to prohibit creation and running of CodeBuild outside of a VPC. It is not necessary to name the VPC. If the VPC is set in the project, we're…
0 votes, 1 answer

Aws config vs detective guardrails

Can anyone help me in sorting out my queries on aws config. Firstly, when I am launching control tower, I see 2 config aggregators, one in management account and other in archive account. What is the difference between these two? If there is no…
0 votes, 0 answers

M1 Mac Trying to npm run start but unable to fetch DynamoDB tables from aws. ERROR failed to setConfig. Failed to read aws region

Hi I am working on a node uplift project but fetching DynamoDB tables from M1 Mac is challenging. So far I am getting these error messages as follows aupm:DynamoInit Failed to set config +0ms aupm:DynamoInit Error: Failed to read the AWS region from…
clair
0 votes, 0 answers

Prevent creation of ALB with TLS lower than 1.2 using SCP or any other way organization wide

Is there a way to prevent/deny creation of ALB with TLS lower than 1.2? I've tried a few policies in SCP but I can't seem to find the right condition for a deny. When I'm looking at a specific event in the CloudTrail I can see a specific sslPolicy…
0 votes, 1 answer

Github actions automated unit tests failing with "cannot find module 'aws-exports'"

I am trying to find a way to run unit tests automatically on a project hosted by amplify using Github Actions to trigger the unit tests on pull request. On each instance of the action, it is failing on line import awsconfig from 'aws-exports'; With…
NateG
0 votes, 0 answers

Powershell Variables - Issue replacing parameter value when using AWS CLI for Cloudformation

I am currently trying to set up CloudFormation to use AWS Config and set up the AWS default rule for Public RDS checking. I am trying to deploy this using powershell with variables, code below. # Variables $default_region = 'eu-west-1' $aws_profile…
0 votes, 0 answers

Granting AWS Config cross-account S3 access

I would like to centralize the AWS Config logs from the different AWS Accounts in a single S3 Bucket in one AWS Account. I've configured the S3 Bucket exactly with the policy indicated at this link:…
Andrea
0 votes, 2 answers

Avoid AWS CLI to wait on --More-- prompt

I am automating app deployments by making use of AWS CLI commands. However, the problem is that when the AWS command is fired and is completed, the next command in the script is not executed. This is because the command returns a JSON and that JSON…
SimpleGuy
0 votes, 0 answers

set AWS S3 config region in C++

I realized that when I have a .aws folder with config file inside it, AWS responds about 100 times faster (to any upload, download, or query) than when config file does not exist. I do not want to have aws folder on my system, so I used the…
Saeed Baba
0 votes, 0 answers

AWS Config unable to write to S3 bucket. Incorrect policy

Here is the template below. I am getting an Incorrect policy, unable to write to bucket. { "AWSTemplateFormatVersion": "2010-09-09", "Description": "Template for a startup company looking to move their services to the cloud", …
0 votes, 2 answers

AWS config query with wildcard in resourceType

I'm trying to get all associated resource relationship types for a specific EC2. Is it possible to use a wildcard in an AWS config query in the WHERE block with resourceType rather than having to declare each type? What I am doing that's…
risail
0 votes, 0 answers

How do I create python code for ec2 imds check?

I'm creating an AWS Config Custom Rule for ec2-imds-check. I checked this GitHub page for Python code for that action, but it looks like there's not much information about that. Has anyone created a custom Python code for ec2-imds-check? If yes can you…
Stephie
0 votes, 1 answer

An error occurred (ValidationException) when calling the ListTagsForResource operation: One or more parameter value is invalid

I am trying to run an AWS CLI command of the following form aws configservice list-tags-for-resource --resource-arn arn:aws:eks:ap-southeast-2:123456789:cluster/xxxxxxxxxxx--region ap-southeast-2 I am receiving the following error An error occurred…
Huy Nguyen
0 votes, 2 answers

Conditionally deploying AWS Config rules using cdk python

I have a requirement to deploy config rules conditionally based on certain parameters. Here below is one config.ManagedRule(self, "AccessKeysRotated", identifier=config.ManagedRuleIdentifiers.ACCESS_KEYS_ROTATED, input_parameters={ …
user20358