Menu
AWS Config
Developer Guide

Creating AWS Config Managed rules with AWS CloudFormation templates

For supported AWS Config managed rules, you can use the AWS CloudFormation templates to create the rule for your account or update an existing AWS CloudFormation stack. A stack is a collection of related resources that you provision and update as a single unit. When you launch a stack with a template, the AWS Config managed rule is created for you. The templates create only the rule, and don't create additional AWS resources.

Note

When AWS Config managed rules are updated, the templates are updated for the latest changes. To save a specific version of a template for a rule, download the template, and upload it to your S3 bucket.

For more information about working with AWS CloudFormation templates, see Getting Started with AWS CloudFormation in the AWS CloudFormation User Guide.

To launch an AWS CloudFormation stack for an AWS Config managed rule

  1. Choose a rule from the list of AWS Managed Config Rules.

  2. Choose View to download a template or choose Launch Stack. If you choose Launch Stack, skip to step 4.

  3. Go to the CloudFormation console and create a new stack.

  4. For Select Template:

    • If you downloaded the template, choose Upload a template to Amazon S3, and then choose Browse to upload the template.

    • If you chose the Launch Stack button, the template URL appears automatically in the Specify an Amazon S3 template URL field.

  5. Choose Next.

  6. For Specify Details, type a stack name and enter parameter values for the AWS Config rule. For example, if you are using the DESIRED_INSTANCE_TYPE managed rule template, you can specify the instance type such as "m4.large".

  7. Choose Next.

  8. For Options, you can create tags or configure other advanced options. These are not required.

  9. Choose Next.

  10. For Review, verify that the template, parameters, and other options are correct.

  11. Choose Create. The stack is created in a few minutes. You can view the created rule in the AWS Config console.

You can use the templates to create a single stack for AWS Config managed rules or update an existing stack in your account. If you delete a stack, the managed rules created from that stack are also deleted. For more information, see Working with Stacks in the AWS CloudFormation User Guide.