AWS Config - track resource unsupported in a region

0

In AWS documentation to Config I stumbled on the following statement:

If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config, even if the specified resource type is not supported in the AWS Region where you set up AWS Config.

I think I need more explanation. E.g. according to the doc Resoruce Coverage by Region Availability, the AWS::EC2::LaunchTemplate resource is not supported in sa-east-1 (Sao Paulo) region. I created a configuration recorder and created the resource. It took some time for the configuration recorder to register the launch template in the Sao Paulo region, but now I can see it in the "Resource" and I can see its configuration history. This brings the question of what the support in the Resoruce Coverage by Region Availability documentation really mean?

If a resource can be recorded even in a region where it is supposedly unsupported, what does the original statement mean?

EDIT: Deekshitha Urs answer clarified why unsupported resource is tracked by Config. Now, assuming the resource is not supported and not tracked in the region, i can I enable this "recording of that resource type in all Regions" functionality?

profile picture
已提問 1 個月前檢視次數 73 次
1 個回答
1

AWS Config can potentially record resources across all regions, even if the resource type is not officially supported in a particular region according to the "Resource Coverage by Region Availability" documentation.

When you create a resource in a region where it is not officially supported, AWS Config may still attempt to record it. This can explain why you see the resource (like AWS::EC2::LaunchTemplate) being recorded in the sa-east-1 (São Paulo) region, despite it not being listed as supported there. However, this behavior might not be consistent or reliable, and AWS does not guarantee that all configuration changes or details will be captured as thoroughly as they would be in a region where the resource type is officially supported.

You mentioned it took some time for the configuration recorder to register the launch template. This delay can occur because the support for recording in an unsupported region might not be optimized, and AWS Config might take longer to process the resource data.

Official support in the documentation means that AWS guarantees the resource type will be fully tracked and recorded in those regions. The ability to record a resource type in unsupported regions is a flexible feature of AWS Config, but it comes with no guarantee of completeness or timeliness.

profile pictureAWS
專家
Deeksha
已回答 1 個月前
profile picture
專家
已審閱 1 個月前
profile pictureAWS
專家
已審閱 1 個月前
  • Thank you for your answer. This make it more clear. However, now I would want to ask how to enable the mentioned cross-region tracking, when the resource is indeed not supported. For example assuming the Launch template would not be tracked in the São Paulo region. How can I enable tracking of that resource in São Paulo region from e.g. Ireland? I couldn't find any option on configuration recorder and aggregators, as far as I understand, are only read-only and consume data from recorders from within that region.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南