AWS Config multi-account, multi-region data aggregation and advanced query capabilities now available in Asia Pacific (Hong Kong) and Middle East (Bahrain) Regions
AWS Config now supports multi-account, multi-region data aggregation in Asia Pacific (Hong Kong) and Middle East (Bahrain) Regions. This feature enables you to aggregate AWS Config configuration and compliance data into a single account and Region, which reduces the time and overhead needed to gather an enterprise-wide view of your compliance status for governance.
In addition, AWS Config now supports advanced query in these Regions, which makes it easy to query the resource configuration properties of your AWS resources for audit, compliance, or operational troubleshooting using simple SQL-like queries. You can also use advanced query with the data aggregation mentioned above, enabling you to run the same queries across accounts and Regions. This provides you a mechanism to query your entire AWS footprint from a central account and get relevant information about your resources. For example, using this query capability, you can retrieve a list of Amazon Elastic Compute Cloud (Amazon EC2) instances of a particular size, Amazon Elastic Block Store (Amazon EBS) volumes that are not attached to an Amazon EC2 instance, or resources that have encryption disabled. This capability works across accounts, Regions, and organizations in AWS Organizations.
It’s easy to get started with these features. When you enable AWS Config in your account, AWS Config discovers and records your resource configuration state, tags, and relationships. Next, follow the steps in Setting Up An Aggregator Using the Console to create an aggregator. After the aggregator is set up, you can run the advanced query on that aggregator by navigating to Resources>Advanced query in the AWS Config console and selecting the aggregator under the query scope. You can view the query results and also export the results in CSV or JSON format from the console for offline access.
The multi-account, multi-region data aggregation and advanced query capabilities are available at no additional cost to AWS Config customers. To learn more about AWS Config and these features, visit the AWS Config webpage and the AWS Config Developer Guide.