How To Enable AWS Config Service Using API

How To Enable AWS Config Service Using API

How To Enable AWS Config Service Using API

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we have discussed key concepts of AWS config service.

https://cloudaffaire.com/key-concepts-of-aws-config-service/

In today’s blog post, we will discuss how to enable AWS config service using API. You can enable AWS Config service on your AWS account for a specific region and for all supported resources or a subset of supported resources. AWS Config service acts as CMDB for your AWS landscape where you enable it and records all configuration changes.

When you enable AWS Config, it first discovers the supported AWS resources that exist in your account and generates a configuration item for each resource. AWS Config also generates configuration items when the configuration of a resource changes, and it maintains historical records of the configuration items of your resources from the time you start the configuration recorder.

By default, AWS Config creates configuration items for every supported resource in the region. If you don’t want AWS Config to create configuration items for all supported resources, you can specify the resource types that you want it to track.

How To Enable AWS Config Service Using API:

Prerequisites:

  • AWS CLI installed and configured with proper access. You can use below link to install and configure AWS CLI.

https://cloudaffaire.com/how-to-install-aws-cli/

https://cloudaffaire.com/how-to-configure-aws-cli/

Step 1: Create a S3 bucket with proper bucket policy to store config recordings.

Step 2: Create an IAM role for AWS config service with proper policy.

Step 3: Enable AWS Config service using AWS CLI

Observe, we are enabling AWS config service for only specific sub-set of supported resources by defining custom recording group.

Warning: There is additional cost associated with AWS Config, please refer below documentation for latest AWS Config pricing.

https://aws.amazon.com/config/pricing/

Step 4: Create a config delivery channel (S3 in our case) to store all the config recordings.

Step 5: Start Config recordings

Note: AWS Config will take some time to discover all the resources, initial configuration items and deliver them to S3 bucket. Wait for some time till status of config recorder status is “SUCCESS” and then proceed to next step.

Step 6: Get details for AWS config.

We have successfully enabled AWS config service.

How To Disable AWS Config Service

Next, we will delete all the resources created in this demo as there are cost associated with them.

Step 7: Disable AWS config service and delete all the resources.

Hope you have enjoyed this article. To know more about AWS Config, please refer below official documentation

https://docs.aws.amazon.com/config/index.html

Leave a Reply

Close Menu