By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Config Rules - Certain rules don't allow you to use Scope

0

Hello, I'm trying to use AWS Config rules to only track resources with specific tags.

From what I understand, I should be able to use the 'Scope' attribute for each rule.

I've found that certain rules don't let you use the 'Scope' attribute, so I am automatically tracking every resource for those rules. See screenshots below.

Is this intended or is there any fix for this?

Thank you

Doesn't allow scope -

Rule that doesn't allow scope

Allows scope -

Rule that allows scope

  • Vardan Matevosyan AWS
    8 months ago

    If there are any further questions feel free to ask. If the answer below is satisfactory to you please mark it as accepted. Thanks!

Topics
Management & Governance
Tags
AWS Config
Language
English
Matt
asked 8 months ago253 views
1 Answer
0
Accepted Answer

Hello, it does not necessarily depend on the rule per se, it depends on the Trigger type of the rule, where in the 2nd case it gets triggered when there is a configuration change (therefore you have options to choose which resources/scope) whereas in the 1st case its triggered periodically, which does not depend on the resources. And of course some rules are triggered one way or the other depending on the nature.

Hope this helps. Thanks!

AWS
Vardan Matevosyan AWS
answered 8 months ago
profile pictureAWS
EXPERT
Jose Guay
reviewed 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content