Viewing Compliance Information and Evaluation Results for your Amazon Resources
Important
For accurate reporting on the compliance status, you must record the AWS::Config::ResourceCompliance
resource type.
For more information, see Recording Amazon Resources.
You can use the Amazon Config console or Amazon SDKs to view the compliance information and the evaluation results of your resources.
Viewing compliance (Console)
Sign in to the Amazon Web Services Management Console and open the Amazon Config console at https://console.amazonaws.cn/config/
. -
In the Amazon Web Services Management Console menu, verify that the region selector is set to a region that supports Amazon Config rules. For the list of supported regions, see Amazon Config Regions and Endpoints in the Amazon Web Services General Reference.
-
In the navigation pane, choose Resources. On the Resource inventory page, you can filter by resource category, resource type, and compliance status. Choose Include deleted resources if appropriate. The table displays the resource identifier for the resource type and the resource compliance status for that resource. The resource identifier might be a resource ID or a resource name.
-
Choose a resource from the resource identifier column.
-
Choose the Resource Timeline button. You can filter by Configuration events, Compliance events, or CloudTrail Events.
Note
Alternatively, on the Resource inventory page, you can directly choose the resource name. To access the resource timeline from the resource details page, choose the Resource Timeline button.
You can also view the compliance of your resources by looking them up on the Resource inventory page. For more information, see Looking Up Resources That Are Discovered by Amazon Config.
Viewing compliance (Amazon SDKs)
The following code examples show how to use DescribeComplianceByResource
.
The following code examples show how to use GetComplianceSummaryByResourceType
.
The following code examples show how to use GetComplianceDetailsByResource
.