Getting Started with Amazon Config - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Getting Started with Amazon Config

Amazon Config provides a detailed view of the configuration of Amazon resources in your Amazon account. With Amazon Config, you can review changes in configurations and relationships between Amazon resources, explore resource configuration history, and use rules to determine compliance. For more information, see What Is Amazon Config? and How Amazon Config Works.


When you set up Amazon Config, you can complete the following:

Resource management

  • Specify the resource types you want Amazon Config to record.

Rules and conformance packs

  • Specify the rules that you want Amazon Config to use to evaluate compliance information for the recorded resource types.

  • Use conformance packs, or a collection of Amazon Config rules and remediation actions that can be deployed and monitored as a single entity in your Amazon account.

    For more information, see Evaluating Resources with Amazon Config Rules and Conformance Packs.


  • Use an aggregator to get a centralized view of your resource inventory and compliance. An aggregator is an Amazon Config resource type that collects Amazon Config configuration and compliance data from multiple Amazon accounts and Amazon Regions into a single account and Region.

    For more information, see Multi-Account Multi-Region Data Aggregation .

Advanced queries

Signing up for Amazon

Sign up for an Amazon Web Services account

If you do not have an Amazon Web Services account, use the following procedure to create one.

To sign up for Amazon Web Services
  1. Open and choose Sign Up.

  2. Follow the on-screen instructions.

Amazon sends you a confirmation email after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to and choosing My Account.

Secure IAM users

After you sign up for an Amazon Web Services account, safeguard your administrative user by turning on multi-factor authentication (MFA). For instructions, see Enable a virtual MFA device for an IAM user (console) in the IAM User Guide.

To give other users access to your Amazon Web Services account resources, create IAM users. To secure your IAM users, turn on MFA and only give the IAM users the permissions needed to perform their tasks.

For more information about creating and securing IAM users, see the following topics in the IAM User Guide:

Using Amazon Config

After you sign up for an Amazon account, you can get started with Amazon Config with the Amazon Web Services Management Console, Amazon CLI, or the Amazon SDKs. For more information about using the Amazon CLI or Amazon SDKs, see Setting Up Amazon Config with the Amazon CLI and Amazon Software Development Kits for Amazon Config.

You can also use the console for a quick and streamlined process. For more information, see Setting Up Amazon Config with the Console.