AWS config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.
Questions tagged [aws-config]
124 questions
0
votes
1 answer
Get AWS resources that don't have any tags using custom AWS Config policy not working
I'm working on a task to get all the resources in an account that don't have any tags on them. I came across AWS Config custom guard policies. To start with, I tried writing below Guard policy to filter just EC2 instances that don't have tags.
This…
Sarat Kota
- 43
- 8
0
votes
0 answers
AWS Config shows both ConfigurationItemsRecorded and ConfigurationRecorderInsufficientPermissionFailure in CloudWatch Metrics
I am trying to figure out the why is AWS Config allowed to record some ResourceType(s) in one of our AWS account but not in other.
CloudWatch Metrics show ConfigurationRecorderInsufficientPermissionFailure in one account but both…
nu_popli
- 920
- 1
- 7
- 12
0
votes
1 answer
How to run an AWS Lambda function across an entire organisation
I have AWS account and want to delete the access keys across all child accounts which have not not been accessed > 90 days.
I created a Lambda function which lists all access keys and usernames in an account, using the Boto3 IAM client. Then I…
PeeKay
- 59
- 1
- 4
0
votes
1 answer
Get all tags for resources retrieved with AWS Config
I'm using an AWS Custom Config Rule created with Lambda. I'm using an example from the official AWS docs (Example Function for Periodic Evaluations
)
resource_identifiers = []
for resource_type in resource_types:
…
DenCowboy
- 13,884
- 38
- 114
- 210
0
votes
2 answers
How do we go about versioning and/or backing up Configurations for the Amazon AWS Cloud Services?
Sorry, I’m sort of a newbie when it comes to Amazon AWS Cloud so sorry if I sound naïve.
For .NET developers, I’ve used Visual Studio 2019’s AWS Lambda project to code Lambda functions and ultimately deploy it to Amazon AWS cloud
However, my concern…
crazyTech
- 1,379
- 3
- 32
- 67
0
votes
1 answer
AWS Config stuck at "Currently in progress" when deploying with AWS CDK
I want to use AWS CDK to deploy AWS Config. The deploy gets stuck at:
Currently in progress: AWSConfig, MyCfnConfigurationRecorder, MyCfnDeliveryChannel
from aws_cdk import (
Stack,
aws_config as config,
aws_iam as role,
aws_s3 as…
Khanh
- 1
0
votes
1 answer
Enabling AWS Config with CloudFormation does not work
I registered my delegated administrator account for my AWS organization successfully (I get the notification that I´m the delegated admin every time when I´m at the StackSet Console).
So I should be able to enable AWS Config with the sample…
Maiwand
- 127
- 1
- 14
0
votes
1 answer
Set the recipient of a PagerDuty alerts programmatically
I am looking for ideas on how to set the recipient of PagerDuty alerts.
To give some context, I have an aws config rule that publishes a new event into an SNS topic, via EventBridge, each time the config rule is non-compliant then I have PagerDuty…
Ben
- 21
- 4
0
votes
1 answer
AWS Config not showing full list of non-compliant resources
I have created AWS Config for SNS topic not encrypted with AWS KMS. Both SNS and AWS config are in the same region.
I have created 2 sample SNS topics but I can see only one in AWS Config.
AWS config Image:
SNS topics created:
Can anyone explain…
Hacker
- 49
- 4
0
votes
0 answers
CredentialsError: Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1 (EVEN WHEN CONFIG IS UPDATED)
I'm using AWS for executing some functionalities of our project.
Here's the AWS configuration that's being implemented on our project file.
const aws = require('aws-sdk');
const lambda = new aws.Lambda({ region: 'us-west-2' });
const AWS_REGION =…
Chirag
- 994
- 2
- 11
- 26
0
votes
1 answer
How to troubleshoot AWS Config remediations issues?
I'm trying to develop custom remediations using SSM documents.
In some cases, when it goes wrong I can check it in the System Manager -> Automation console and see what's wrong with the code.
But there are these situations where I cannot see…
CMPSoares
- 4,175
- 3
- 24
- 42
0
votes
1 answer
Update /.aws/config file on your local machine
I am trying to update the local aws/config file on my mac. I am not able to read or update any contents of the config file.
import configparser
import os
creds_dir = os.path.dirname("~/.aws/config")
config = configparser.RawConfigParser()
if not…
PiaklA
- 495
- 2
- 7
- 21
0
votes
2 answers
AWS Unauthorised Operation AWSServiceRoleForConfig on KMS Key Decrypt
Every day I'm seeing some CloudTrail logs for unauthorised KMS decrypt operations and I'm can't figure out what's causing it. Here is an example of the logs:
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
…
Alex Bailey
- 1,260
- 12
- 27
0
votes
0 answers
if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1 AWS SSM
I am trying to use AWS SSM in my project by the following way:
const AWS = require('aws-sdk')
const ssmClient = new AWS.SSM({
apiVersion: 'latest',
region: 'REGION'
});
export const localEnvironment = () => {
…
omar
- 173
- 1
- 13
0
votes
1 answer
Configure all AWS Managed rules in AWS Config through Cloudformation
I have a requirement to select all the rules in AWS Config while deploying the resources in newly created account through Cloudformation. But I don't know how to select all the AWS Managed rules as in Console through Cloudformation. Any help would…
Deepakvg
- 71
- 2
- 9