Record and Delete a Configuration State for Third-Party Resources Using Amazon CLI - Amazon Config
Record a Configuration ItemRead the Configuration Item using Amazon Config APIsDelete the Third-Party Resource
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Record and Delete a Configuration State for Third-Party Resources Using Amazon CLI

The Amazon CLI is a unified tool to manage your Amazon services. With just one tool to download and configure, you can control multiple Amazon services from the command line and use scripts to automate them. For more information about the Amazon CLI and for instructions on installing the Amazon CLI tools, see the following in the Amazon Command Line Interface User Guide.

If necessary, enter aws configure to configure the Amazon CLI to use an Amazon Region where Amazon Config aggregators are available.

Record a Configuration Item

Record a configuration item for a third-party resource or a custom resource type using the following procedure:

Ensure you register the resource type MyCustomNamespace::Testing::WordPress with its matching schema.

  1. Open a command prompt or a terminal window.

  2. Enter the following command:

    aws configservice put-resource-config --resource-type MyCustomNamespace::Testing::WordPress --resource-id resource-001 --schema-version-id 00000001 --configuration  '{
  "Id": "resource-001",
  "Name": "My example custom resource.",
  "PublicAccess": false
}'
Note

As defined in the type schema, writeOnlyProperties will be removed from the configuration prior to being recorded by Amazon Config. This means that these values will not be present when the configuration is obtained via read APIs. For more information on writeOnlyProperties, see Resource type schema.

Read the Configuration Item using Amazon Config APIs

  1. Open a command prompt or a terminal window.

  2. Enter the following command:

    aws configservice list-discovered-resources --resource-type MyCustomNamespace::Testing::WordPress

  3. Press Enter.

    You should see output similar to the following:

    {
    "resourceIdentifiers": [
        {
            "resourceType": "MyCustomNamespace::Testing::WordPress",
            "resourceId": "resource-001"
        }
    ]
}

  4. Enter the following command:

    aws configservice batch-get-resource-config --resource-keys '[ { "resourceType": "MyCustomNamespace::Testing::WordPress", "resourceId": "resource-001" } ]'

  5. Press Enter.

    You should see output similar to the following:

    {
    "unprocessedResourceKeys": [],
    "baseConfigurationItems": [
        {
            "configurationItemCaptureTime": 1569605832.673,
            "resourceType": "MyCustomNamespace::Testing::WordPress",
            "resourceId": "resource-001",
            "configurationStateId": "1569605832673",
            "awsRegion": "us-west-2",
            "version": "1.3",
            "supplementaryConfiguration": {},
            "configuration": "{\"Id\":\"resource-001\",\"Name\":\"My example custom resource.\",\"PublicAccess\":false}",
            "configurationItemStatus": "ResourceDiscovered",
            "accountId": "AccountId"
        }
    ]
}

Delete the Third-Party Resource

You can record the configuration state for a third-party resource or custom resource type that you want to delete.

  • Enter the following command:

    aws configservice delete-resource-config --resource-type MyCustomNamespace::Testing::WordPress --resource-id resource-002

    If successful, the command executes with no additional output.