Looking Up Resources That Are Discovered by AWS Config - AWS Config

Looking Up Resources That Are Discovered by AWS Config

You can use the AWS Config console, AWS CLI, and AWS Config API to look up the resources that AWS Config has taken an inventory of, or discovered, including deleted resources and resources that AWS Config is not currently recording. AWS Config discovers supported resource types only. For more information, see Supported Resource Types.

Looking Up Resources (AWS Config Console)

You can use resource types or tag information to look up resources in the AWS Config console.

To look up resources

  1. Sign in to the AWS Management Console and open the AWS Config console at https://console.aws.amazon.com/config/.

  2. On the Resource inventory page, specify the search options for the resources that you want to look up:

    • Resource category – Choose all resource categories or narrow results to only AWS Resources.

    • Resource type – Choose all resource types or select which resource(s) to filter by.

    • Compliance – Choose to filter by any compliance status, compliant, or noncompliant.

  3. AWS Config lists the resources that match your search options. You can see the following information about the resources:

    • Resource identifier – The resource identifier might be a resource ID or a resource name, if applicable. Choose the resource identifier link to view the resource details page.

    • Resource type – The type of the resource is listed.

    • Compliance – The status of the resource that AWS Config evaluated against your rule.

      For more information, see Viewing Configuration Details.

Looking Up Resources (AWS CLI)

You can use the AWS CLI to list resources that AWS Config has discovered.

To look up resources (AWS CLI)

  • Use the aws configservice list-discovered-resources command:

    Example

    $ aws configservice list-discovered-resources --resource-type "AWS::EC2::Instance" { "resourceIdentifiers": [ { "resourceType": "AWS::EC2::Instance", "resourceId": "i-nnnnnnnn" } ] }

To view the configuration details of a resource that is listed in the response, use the get-resource-config-history command, and specify the resource type and ID. For an example of this command and the response from AWS Config, see Viewing Configuration History.

Looking up Resources (AWS Config API)

You specify a resource type, and AWS Config returns a list of resource identifiers for resources of that type. For more information, see ResourceIdentifier in the AWS Config API Reference.

To look up resources (AWS Config API)

To get the configuration details of a resource that is listed in the response, use the GetResourceConfigHistory action, and specify the resource type and ID.