Skip to content

Instantly share code, notes, and snippets.

@varunchandak

varunchandak/enable-aws-config-all-regions.sh

Last active January 23, 2022 11:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save varunchandak/95e391467e25bd5b5aa794df669d3b87 to your computer and use it in GitHub Desktop.
Save varunchandak/95e391467e25bd5b5aa794df669d3b87 to your computer and use it in GitHub Desktop.
Download ZIP
Enable AWS Config in all regions
Raw
enable-aws-config-all-regions.sh
#!/bin/bash
aws ec2 describe-regions | jq -r '.Regions[].RegionName' | while read REGION; do
export AWS_DEFAULT_REGION="$REGION"
export AWS_REGION="$REGION"
export AWS_DEFAULT_OUTPUT="json"
export AWS_ACCOUNT_ID="$(aws sts get-caller-identity --output json | jq -r .Account)"
export CENTRAL_AWS_BUCKET="config-bucket-123456789012"
echo "$REGION"
echo "{\"name\": \"default\",\"s3BucketName\": \"$CENTRAL_AWS_BUCKET\",\"configSnapshotDeliveryProperties\": {\"deliveryFrequency\": \"Three_Hours\"}}" > deliveryChannel.json
aws configservice put-configuration-recorder --configuration-recorder name="default",roleARN=arn:aws:iam::"$AWS_ACCOUNT_ID":role/aws-service-role/config.amazonaws.com/AWSServiceRoleForConfig --recording-group allSupported=true,includeGlobalResourceTypes=true
aws configservice put-delivery-channel --delivery-channel file://deliveryChannel.json || exit 1
aws configservice start-configuration-recorder --configuration-recorder-name default
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment