AWS::Config::ConfigurationAggregator

The AWS::Config::ConfigurationAggregator resource is an AWS Config resource type that collects AWS Config data from multiple accounts and regions. Use an aggregator to view the resource configuration and compliance data recorded in AWS Config for multiple accounts and regions.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Config::ConfigurationAggregator",
  "Properties" : {
    "AccountAggregationSources" : [ AccountAggregationSource, ... ],
    "OrganizationAggregationSource" : OrganizationAggregationSource,
    "ConfigurationAggregatorName" : String
  }
}

YAML


Type: "AWS::Config::ConfigurationAggregator"
Properties:
  AccountAggregationSources: 
    - AccountAggregationSource
  OrganizationAggregationSource: 
    OrganizationAggregationSource
  ConfigurationAggregatorName: String

Properties

AccountAggregationSources

A collection of accounts and regions.

Required: No

Type: List of AccountAggregationSource property types

Update requires: No interruption

OrganizationAggregationSource

A collection of regions and IAM role to retrieve AWS Organizations details.

Required: No

Type: OrganizationAggregationSource

Update requires: No interruption

ConfigurationAggregatorName

The name of the configuration aggregator.

Required: Yes

Type: String

Update requires: Replacement

Return Values

Ref

When you pass the logical ID of an AWS::Config::ConfigurationAggregator resource to the intrinsic Ref function, the function returns the ConfigurationAggregatorName, such as myConfigurationAggregator.

For more information about using the Ref function, see Ref.

Examples

ConfigurationAggregator with multiple accounts and multiple regions.

The following example creates a ConfigurationAggregator

JSON


"ConfigurationAggregator": {
    "Type": "AWS::Config::ConfigurationAggregator",
    "Properties": {
      "AccountAggregationSources": [
        {
          "AccountIds": [
            "123456789012",
            "987654321012"
          ],
          "AwsRegions": [
            "us-west-2",
            "us-east-1"
          ],
          "AllAwsRegions": false
        }
      ],
      "ConfigurationAggregatorName": "MyConfigurationAggregator"
    }
  }

YAML


ConfigurationAggregator: 
    Type: "AWS::Config::ConfigurationAggregator"
    Properties: 
      AccountAggregationSources: 
        - AccountIds: 
            - "123456789012"
            - "987654321012"
          AwsRegions:
            - "us-west-2"
            - "us-east-1"
          AllAwsRegions: false
      ConfigurationAggregatorName: MyConfigurationAggregator

ConfigurationAggregator for organization.

The following example creates a ConfigurationAggregator for an organization.

JSON


"ConfigurationAggregator": {
    "Type": "AWS::Config::ConfigurationAggregator",
    "Properties": {
      "OrganizationAggregationSource": {
        "RoleArn": "arn:aws:iam::012345678912:role/aws-service-role/organizations.amazonaws.com/AWSServiceRoleForOrganizations",
        "AwsRegions": [
          "us-west-2",
          "us-east-1"
        ],
        "AllAwsRegions": false
      }
      "ConfigurationAggregatorName": "MyConfigurationAggregator"
    }
  }

YAML


ConfigurationAggregator: 
    Type: "AWS::Config::ConfigurationAggregator"
    Properties: 
      OrganizationAggregationSource: 
        RoleArn: "arn:aws:iam::012345678912:role/aws-service-role/organizations.amazonaws.com/AWSServiceRoleForOrganizations"
        AwsRegions:
          - "us-west-2"
          - "us-east-1"
        AllAwsRegions: false
      ConfigurationAggregatorName: MyConfigurationAggregator

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

« Previous Next »