Create an Amazon Config configuration recorder using Quick Setup - Amazon Systems Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Create an Amazon Config configuration recorder using Quick Setup

With Quick Setup, a capability of Amazon Systems Manager, you can quickly create a configuration recorder powered by Amazon Config. Use the configuration recorder to detect changes in your resource configurations and capture the changes as configuration items. If you're unfamiliar with Amazon Config, we recommend learning more about the service by reviewing the content in the Amazon Config Developer Guide before creating a configuration with Quick Setup. For more information about Amazon Config, see What is Amazon Config? in the Amazon Config Developer Guide.

By default, the configuration recorder records all supported resources in the Amazon Web Services Region where Amazon Config is running. You can customize the configuration so that only the resource types you specify are recorded. For more information, see Selecting which resources Amazon Config records in the Amazon Config Developer Guide.

You're charged service usage fees when Amazon Config starts recording configurations. For pricing information, see Amazon Config pricing.

Note

If you've already created a configuration recorder, Quick Setup doesn't stop recording or make any changes to resource types that you're already recording. If you choose to record additional resource types using Quick Setup, the service appends them to your existing recorder groups. Deleting the Quick Setup Config recording configuration type doesn't stop the configuration recorder. Changes continue to be recorded, and service usage fees apply until you stop the configuration recorder. To learn more about managing the configuration recorder, see Managing the Configuration Recorder in the Amazon Config Developer Guide.

To set up Amazon Config recording, perform the following tasks in the Amazon Systems Manager console.

To set up Amazon Config recording with Quick Setup

  1. Open the Amazon Systems Manager console at https://console.amazonaws.cn/systems-manager/.

  2. In the navigation pane, choose Quick Setup.

  3. On the Config Recording card, choose Create.

    Tip

    If you already have one or more configurations in your account, first choose the Library tab or the Create button in the Configurations section to view the cards.

  4. In the Configuration options section, do the following:

    1. For Choose the Amazon resource types to record, specify whether to record all supported resources or only the resource types you choose.

    2. For Delivery settings, specify whether to create a new Amazon Simple Storage Service (Amazon S3) bucket, or choose an existing bucket to send configuration snapshots to.

    3. For Notification options, choose the notification option you prefer. Amazon Config uses Amazon Simple Notification Service (Amazon SNS) to notify you about important Amazon Config events related to your resources. If you choose the Use existing SNS topics option, you must provide the Amazon Web Services account ID and name of the existing Amazon SNS topic in that account you want to use. If you target multiple Amazon Web Services Regions, the topic names must be identical in each Region.

  5. In the Schedule section, choose how frequently you want Quick Setup to remediate changes made to resources that differ from your configuration. The Default option runs once. If you don't want Quick Setup to remediate changes made to resources that differ from your configuration, choose Disable remediation under Custom.

  6. In the Targets section, choose one of the following to identify the accounts and Regions for recording.

    Note

    If you are working in a single account, options for working with organizations and organizational units (OUs) are not available. You can choose whether to apply this configuration to all Amazon Web Services Regions in your account or only the Regions you select.

    • Entire organization – All accounts and Regions in your organization.

    • Custom – Only the OUs and Regions that you specify.

      • In the Target OUs section, select the OUs where you want to allow recording.

      • In the Target Regions section, select the Regions where you want to allow recording.

    • Current account – Only the Regions you specify in the account you are currently signed into are targeted. Choose one of the following:

      • Current Region – Only managed nodes in the Region selected in the console are targeted.

      • Choose Regions – Choose the individual Regions to apply the recording configuration to.

  7. Choose Create.