Record and Delete a Configuration State for Third-Party Resources Using AWS CLI - AWS Config

Record and Delete a Configuration State for Third-Party Resources Using AWS CLI

The AWS CLI is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and use scripts to automate them.

To install the AWS CLI on your local machine, see Installing the AWS CLI in the AWS CLI User Guide.

If necessary, type aws configure to configure the AWS CLI.

Record a Configuration Item

Record a configuration item for a third-party resource or a custom resource type using the following procedure:

Ensure you register the resource type MyCustomNamespace::Testing::WordPress with its matching schema.

  1. Open a command prompt or a terminal window.

  2. Type the following command:

    aws configservice put-resource-config --resource-type MyCustomNamespace::Testing::WordPress --resource-id resource-001 --schema-version-id 00000001 --configuration '{ "Id": "resource-001", "Name": "My example custom resource.", "PublicAccess": false }'
Note

As defined in the type schema, writeOnlyProperties will be removed from the configuration prior to being recorded by AWS Config. This means that these values will not be present when the configuration is obtained via read APIs. For more information on writeOnlyProperties, see Resource type schema.

Read the Configuration Item using AWS Config APIs

  1. Open a command prompt or a terminal window.

  2. Type the following command:

    aws configservice list-discovered-resources --resource-type MyCustomNamespace::Testing::WordPress
  3. Press Enter.

    You should see output similar to the following:

    { "resourceIdentifiers": [ { "resourceType": "MyCustomNamespace::Testing::WordPress", "resourceId": "resource-001" } ] }
  4. Type the following command:

    aws configservice batch-get-resource-config --resource-keys '[ { "resourceType": "MyCustomNamespace::Testing::WordPress", "resourceId": "resource-001" } ]'
  5. Press Enter.

    You should see output similar to the following:

    { "unprocessedResourceKeys": [], "baseConfigurationItems": [ { "configurationItemCaptureTime": 1569605832.673, "resourceType": "MyCustomNamespace::Testing::WordPress", "resourceId": "resource-001", "configurationStateId": "1569605832673", "awsRegion": "us-west-2", "version": "1.3", "supplementaryConfiguration": {}, "configuration": "{\"Id\":\"resource-001\",\"Name\":\"My example custom resource.\",\"PublicAccess\":false}", "configurationItemStatus": "ResourceDiscovered", "accountId": "AccountId" } ] }

Delete the Third-Party Resource

You can record the configuration state for a third-party resource or custom resource type that you want to delete.

  • Type the following command:

    aws configservice delete-resource-config --resource-type MyCustomNamespace::Testing::WordPress --resource-id resource-002

    If successful, the command executes with no additional output.