Enabling AWS Config Reports

You can use CloudCheckr to report on data from AWS Config. If the Access Key and Secret Key used when configuring your project does not have permissions to report on AWS Config activity you will need to update that group or user’s permissions within AWS IAM.

Follow these steps to do so:

Step 1: Log in to your Amazon Web Services Management Console.

Step 2: Load the Identity and Access Management (IAM) Dashboard.

Step 3: On the right-hand IAM menu, click Groups.

Capture

Step 4: Select the group that contains the user whose Access and Secret Keys were added to CloudCheckr.

Capture

Step 5: Click the Permissions tab.

Capture

Step 6: Click the Manage Policy link to the right of the ReadOnlyAccess policy.

Capture

Step 7: Within the Policy Document, add the following:

"config:DescribeDeliveryChannels",
"config:DescribeDeliveryChannelStatus",
"config:DescribeConfigurationRecorders",
"config:DescribeConfigurationRecorderStatus",

Capture

Step 8: Click Apply Policy

That’s it! The next snapshot that CloudCheckr takes of your AWS account will also retrieve and report on AWS Config.

Leave a Reply