AWS Config
Developer Guide

Enabling AWS Config Rules Across all Accounts in Your Organization

AWS Config allows you to manage AWS Config rules across all AWS accounts within an organization. You can:

  • Centrally create, update, and delete AWS Config rules across all accounts in your organization.

  • Deploy a common set of AWS Config rules across all accounts and specify accounts where AWS Config rules should not be created.

  • Use the APIs from the master account in AWS Organizations to enforce governance by ensuring that the underlying AWS Config rules are not modifiable by your organization’s member accounts.

Ensure AWS Config recording is on before you use the following APIs to manage AWS Config rules across all AWS accounts within an organization: