Permissions needed in order to deploy and maintain AWS cofnig service


Hey guys, Hope you are doing well today! I have a question regarding AWS config, I want to deploy the service and download the HIPAA conformance pack. I wanted to have your guidance in order to know what are the minimal user permissions I'll need in order to deploy and maintain this service? Thanks in advance!

1 Answer

HI, Service-linked roles are predefined by AWS Config and include all the permissions that the service requires to call other AWS services. Pre-existing AWS Config role If you have used an AWS service that uses AWS Config, such as AWS Security Hub or AWS Control Tower, and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.

For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service (Amazon S3) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config. Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config, see AWS Identity and Access Management.

please take a look at the blog post links below as it provides guidance depending on your current setup.

Quick Setup AWS Config: AWS Config Manual Setup:

Permissions for the IAM Role Assigned to AWS Config

answered 9 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions