aws.config
Supported platform
- aws
Description
AWS Config
Use the aws.config resource to assess the configuration of the AWS Config service. The resource provides the .recorders field, which returns a list of aws.config.recorder resources representing all AWS Config recorders configured across all enabled regions, as well as the .rules field, which returns a list of aws.config.rule resources representing all AWS Config rules configured across all enabled regions in the account.
Fields
| ID | TYPE | DESCRIPTION |
|---|---|---|
| recorders | []aws.config.recorder | List of configuration recorders for each region in the account |
| rules | []aws.config.rule | List of AWS Config rules |
| deliveryChannels | []aws.config.deliverychannel | List of delivery channels for each region in the account |
Examples
Return a list of aws.config.rule resources representing AWS Config rules configured across all enabled regions and the values for specified fields
aws.config.rules {
arn
state
source
}
Return a list of AWS Config recorders configured across all enabled regions and the values for specified fields
aws.config.recorders {
name
roleArn
allSupported
includeGlobalResourceTypes
resourceTypes
recording
lastStatus
region
}
Ensure AWS Config is enabled in all regions
aws.config.recorders.any(allSupported == true && includeGlobalResourceTypes == true)
aws.config.recorders.where(allSupported == true && includeGlobalResourceTypes == true).all(
recording == true && lastStatus == "SUCCESS"
)
References