ConfigurationItem - AWS Config
AWS services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with AWS services in China.

ConfigurationItem

A list that contains detailed configurations of a specified resource.

Contents

accountId

The 12-digit AWS account ID associated with the resource.

Type: String

Pattern: \d{12}

Required: No

arn

accoun

Type: String

Required: No

availabilityZone

The Availability Zone associated with the resource.

Type: String

Required: No

awsRegion

The region where the resource resides.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Required: No

configuration

The description of the resource configuration.

Type: String

Required: No

configurationItemCaptureTime

The time when the configuration recording was initiated.

Type: Timestamp

Required: No

configurationItemMD5Hash

Unique MD5 hash that represents the configuration item's state.

You can use MD5 hash to compare the states of two or more configuration items that are associated with the same resource.

Type: String

Required: No

configurationItemStatus

The configuration item status. The valid values are:

  • OK – The resource configuration has been updated

  • ResourceDiscovered – The resource was newly discovered

  • ResourceNotRecorded – The resource was discovered but its configuration was not recorded since the recorder excludes the recording of resources of this type

  • ResourceDeleted – The resource was deleted

  • ResourceDeletedNotRecorded – The resource was deleted but its configuration was not recorded since the recorder excludes the recording of resources of this type

Note

The CIs do not incur any cost.

Type: String

Valid Values: OK | ResourceDiscovered | ResourceNotRecorded | ResourceDeleted | ResourceDeletedNotRecorded

Required: No

configurationStateId

An identifier that indicates the ordering of the configuration items of a resource.

Type: String

Required: No

relatedEvents

A list of CloudTrail event IDs.

A populated field indicates that the current configuration was initiated by the events recorded in the CloudTrail log. For more information about CloudTrail, see What Is AWS CloudTrail.

An empty field indicates that the current configuration was not initiated by any event. As of Version 1.3, the relatedEvents field is empty. You can access the LookupEvents API in the AWS CloudTrail API Reference to retrieve the events for the resource.

Type: Array of strings

Required: No

relationships

A list of related AWS resources.

Type: Array of Relationship objects

Required: No

resourceCreationTime

The time stamp when the resource was created.

Type: Timestamp

Required: No

resourceId

The ID of the resource (for example, sg-xxxxxx).

Type: String

Length Constraints: Minimum length of 1. Maximum length of 768.

Required: No

resourceName

The custom name of the resource, if available.

Type: String

Required: No

resourceType

The type of AWS resource.

Type: String

Valid Values: AWS::EC2::CustomerGateway | AWS::EC2::EIP | AWS::EC2::Host | AWS::EC2::Instance | AWS::EC2::InternetGateway | AWS::EC2::NetworkAcl | AWS::EC2::NetworkInterface | AWS::EC2::RouteTable | AWS::EC2::SecurityGroup | AWS::EC2::Subnet | AWS::CloudTrail::Trail | AWS::EC2::Volume | AWS::EC2::VPC | AWS::EC2::VPNConnection | AWS::EC2::VPNGateway | AWS::EC2::RegisteredHAInstance | AWS::EC2::NatGateway | AWS::EC2::EgressOnlyInternetGateway | AWS::EC2::VPCEndpoint | AWS::EC2::VPCEndpointService | AWS::EC2::FlowLog | AWS::EC2::VPCPeeringConnection | AWS::Elasticsearch::Domain | AWS::IAM::Group | AWS::IAM::Policy | AWS::IAM::Role | AWS::IAM::User | AWS::ElasticLoadBalancingV2::LoadBalancer | AWS::ACM::Certificate | AWS::RDS::DBInstance | AWS::RDS::DBSubnetGroup | AWS::RDS::DBSecurityGroup | AWS::RDS::DBSnapshot | AWS::RDS::DBCluster | AWS::RDS::DBClusterSnapshot | AWS::RDS::EventSubscription | AWS::S3::Bucket | AWS::S3::AccountPublicAccessBlock | AWS::Redshift::Cluster | AWS::Redshift::ClusterSnapshot | AWS::Redshift::ClusterParameterGroup | AWS::Redshift::ClusterSecurityGroup | AWS::Redshift::ClusterSubnetGroup | AWS::Redshift::EventSubscription | AWS::SSM::ManagedInstanceInventory | AWS::CloudWatch::Alarm | AWS::CloudFormation::Stack | AWS::ElasticLoadBalancing::LoadBalancer | AWS::AutoScaling::AutoScalingGroup | AWS::AutoScaling::LaunchConfiguration | AWS::AutoScaling::ScalingPolicy | AWS::AutoScaling::ScheduledAction | AWS::DynamoDB::Table | AWS::CodeBuild::Project | AWS::WAF::RateBasedRule | AWS::WAF::Rule | AWS::WAF::RuleGroup | AWS::WAF::WebACL | AWS::WAFRegional::RateBasedRule | AWS::WAFRegional::Rule | AWS::WAFRegional::RuleGroup | AWS::WAFRegional::WebACL | AWS::CloudFront::Distribution | AWS::CloudFront::StreamingDistribution | AWS::Lambda::Function | AWS::ElasticBeanstalk::Application | AWS::ElasticBeanstalk::ApplicationVersion | AWS::ElasticBeanstalk::Environment | AWS::WAFv2::WebACL | AWS::WAFv2::RuleGroup | AWS::WAFv2::IPSet | AWS::WAFv2::RegexPatternSet | AWS::WAFv2::ManagedRuleSet | AWS::XRay::EncryptionConfig | AWS::SSM::AssociationCompliance | AWS::SSM::PatchCompliance | AWS::Shield::Protection | AWS::ShieldRegional::Protection | AWS::Config::ResourceCompliance | AWS::ApiGateway::Stage | AWS::ApiGateway::RestApi | AWS::ApiGatewayV2::Stage | AWS::ApiGatewayV2::Api | AWS::CodePipeline::Pipeline | AWS::ServiceCatalog::CloudFormationProvisionedProduct | AWS::ServiceCatalog::CloudFormationProduct | AWS::ServiceCatalog::Portfolio | AWS::SQS::Queue | AWS::KMS::Key | AWS::QLDB::Ledger | AWS::SecretsManager::Secret | AWS::SNS::Topic | AWS::SSM::FileData

Required: No

supplementaryConfiguration

Configuration attributes that AWS Config returns for certain resource types to supplement the information returned for the configuration parameter.

Type: String to string map

Required: No

tags

A mapping of key value tags associated with the resource.

Type: String to string map

Required: No

version

The version number of the resource configuration.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: