Menu
AWS Config
Developer Guide

Looking Up Resources That Are Discovered by AWS Config

You can use the AWS Config console, AWS CLI, and AWS Config API to look up the resources that AWS Config has taken an inventory of, or discovered, including deleted resources and resources that AWS Config is not currently recording. AWS Config discovers supported resource types only. For more information, see Supported AWS Resource Types.

Looking Up Resources (AWS Config Console)

You can use resource types or tag information to look up resources in the AWS Config console.

To look up resources

  1. Sign in to the AWS Management Console and open the AWS Config console at https://console.aws.amazon.com/config/.

  2. On the Resource inventory page, specify the search options for the resources that you want to look up:

    • Choose Resources and then choose one or more resource types in the list. This list includes resource types that AWS Config supports. To narrow results, type a resource ID or, if applicable, a resource name in the next box. You can also choose Include deleted resources.

    • Choose Tag and type a tag key that is applied to your resources, such as CostCenter. To narrow results, type a tag value in the next box.

  3. After you specify the search options, choose Look up.

  4. AWS Config lists the resources that match your search options. You can see the following information about the resources:

    • Resource identifier – The resource identifier might be a resource ID or a resource name, if applicable. Choose the resource identifier link to view that resource in the console for that service. For example, choosing the resource identifier for an EC2 instance takes you to the Amazon EC2 console.

    • Compliance – The status of the resource that AWS Config evaluated against your rule.

    • Config timeline – The Config timeline 
                                        AWS Config timeline icon
                                    displays the history of configuration details for the resource. Choose the icon to view the details page for that resource. For more information, see Viewing Configuration Details in the AWS Config Console.

Looking Up Resources (AWS CLI)

You can use the AWS CLI to list resources that AWS Config has discovered.

To look up resources (AWS CLI)

  • Use the aws configservice list-discovered-resources command:

    Example

    Copy
    $ aws configservice list-discovered-resources --resource-type "AWS::EC2::Instance" { "resourceIdentifiers": [ { "resourceType": "AWS::EC2::Instance", "resourceId": "i-nnnnnnnn" } ] }

To view the configuration details of a resource that is listed in the response, use the get-resource-config-history command, and specify the resource type and ID. For an example of this command and the response from AWS Config, see View Configuration History.

Looking up Resources (AWS Config API)

You specify a resource type, and AWS Config returns a list of resource identifiers for resources of that type. For more information, see ResourceIdentifier in the AWS Config API Reference.

To look up resources (AWS Config API)

To get the configuration details of a resource that is listed in the response, use the GetResourceConfigHistory action, and specify the resource type and ID.