Enabling AWS Config Reports

Introduction

You can use CloudCheckr to report on data from AWS Config. If the Access Key and Secret Key used when configuring your project does not have permissions to report on AWS Config activity you will need to update that group or user’s permissions within AWS IAM.


Procedure

  1. Log in to your Amazon Web Services Management Console.
  2. Load the Identity and Access Management (IAM) Dashboard.
  3. On the right-hand IAM menu, click Groups.
  4. Select the group that contains the user whose Access and Secret Keys were added to CloudCheckr.
  5. Click the Permissions tab.
  6. Click the Manage Policy link to the right of the ReadOnlyAccess policy.
  7. Within the Policy Document, add the following:
  8. "config:DescribeDeliveryChannels",
    "config:DescribeDeliveryChannelStatus",
    "config:DescribeConfigurationRecorders",
    "config:DescribeConfigurationRecorderStatus",

  9. Click Apply Policy.
  10. The next snapshot that CloudCheckr takes of your AWS account will also retrieve and report on AWS Config.

Leave a Reply