AWS Config - track resource unsupported in a region

0

In AWS documentation to Config I stumbled on the following statement:

If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config, even if the specified resource type is not supported in the AWS Region where you set up AWS Config.

I think I need more explanation. E.g. according to the doc Resoruce Coverage by Region Availability, the AWS::EC2::LaunchTemplate resource is not supported in sa-east-1 (Sao Paulo) region. I created a configuration recorder and created the resource. It took some time for the configuration recorder to register the launch template in the Sao Paulo region, but now I can see it in the "Resource" and I can see its configuration history. This brings the question of what the support in the Resoruce Coverage by Region Availability documentation really mean?

If a resource can be recorded even in a region where it is supposedly unsupported, what does the original statement mean?

EDIT: Deekshitha Urs answer clarified why unsupported resource is tracked by Config. Now, assuming the resource is not supported and not tracked in the region, i can I enable this "recording of that resource type in all Regions" functionality?

profile picture
질문됨 한 달 전74회 조회
1개 답변
1

AWS Config can potentially record resources across all regions, even if the resource type is not officially supported in a particular region according to the "Resource Coverage by Region Availability" documentation.

When you create a resource in a region where it is not officially supported, AWS Config may still attempt to record it. This can explain why you see the resource (like AWS::EC2::LaunchTemplate) being recorded in the sa-east-1 (São Paulo) region, despite it not being listed as supported there. However, this behavior might not be consistent or reliable, and AWS does not guarantee that all configuration changes or details will be captured as thoroughly as they would be in a region where the resource type is officially supported.

You mentioned it took some time for the configuration recorder to register the launch template. This delay can occur because the support for recording in an unsupported region might not be optimized, and AWS Config might take longer to process the resource data.

Official support in the documentation means that AWS guarantees the resource type will be fully tracked and recorded in those regions. The ability to record a resource type in unsupported regions is a flexible feature of AWS Config, but it comes with no guarantee of completeness or timeliness.

profile pictureAWS
전문가
Deeksha
답변함 한 달 전
profile picture
전문가
검토됨 한 달 전
profile pictureAWS
전문가
검토됨 한 달 전
  • Thank you for your answer. This make it more clear. However, now I would want to ask how to enable the mentioned cross-region tracking, when the resource is indeed not supported. For example assuming the Launch template would not be tracked in the São Paulo region. How can I enable tracking of that resource in São Paulo region from e.g. Ireland? I couldn't find any option on configuration recorder and aggregators, as far as I understand, are only read-only and consume data from recorders from within that region.

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠