- 최신
- 최다 투표
- 가장 많은 댓글
Hello.
As far as I know, there is no way to get all the configuration contents at once.
So, why not try getting the configuration information of the supported AWS resources one by one using "batch-get-resource-config" as shown below?
I think you can also create shell scripts by combining it with "list-discovered-resources" etc.
https://docs.aws.amazon.com/cli/latest/reference/configservice/batch-get-resource-config.html
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configservice/list-discovered-resources.html
aws configservice batch-get-resource-config --resource-keys resourceType="AWS::EC2::Instance",resourceId="i-yyyyyyyyyyy" --region ap-northeast-1
I think you will need to configure settings such as AWS Config, so please also check the document below.
https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html
Alternatively, there may be a way to obtain details using the "describe" command on the AWS CLI for each AWS resource.
Are you maybe thinking of restoring it someday? Since you are asking this, I assume you haven't used infrastructure-as-code (Cloudformation, Terraform, CDK ...) approach on creating, but rather done it from console or cmd-line, because then restore or rather rebuild would be possible without taking that backup of configuration. There are also tools like Former2 that can generate IaC code from your AWS account. Just don't expect to be able to run it as-is when you decide to come back as things might have change. Simple example would be naming of S3 buckets. Namespace is global and when you delete your bucket called "my-first-s3-bucket", that name can be taken by someone else and you won't be able create it again. Also any kind of hard-coded references in accounts and resource IDs (e.g. in IAM policies) are going to be difficult to restore without rewriting.
I guess the short answer is "no", but there are ways to do this to certain extent. I would ask, have you thought just stopping active components that generate cost when idle and leaving everything else (including you data) in-place. If it is likely you will need this in months, this might be the best option. And if it turns out you don't, after awhile you might not need that backup anyways because some of it has become obsolite anyways.
