AWS Config
Developer Guide

Permissions for AWS Config

To get the most out of AWS Config, you need to create permissions policies to attach to your IAM role, your Amazon Simple Storage Service (S3) bucket, and your Amazon Simple Notification Service (SNS) topic. A policy is a set of statements that grants AWS Config permissions. The following topics provide examples of recommended IAM policies to use with the AWS Config console and the AWS Command Line Interface.