I am currently trying to create an aggregator for all of the config rules I created in order for a client to have a centralized place to view all regions config metrics.
Here is my code to create the configAggregator:
//adding role for configAggregator
const configAggregatorRole = new iam.Role(this, 'configAggregatorRole' ,{
assumedBy: new iam.ServicePrincipal('config.amazonaws.com')
});
configAggregatorRole.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSConfigRoleforOrganizations'));
configAggregatorRole.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('ReadOnlyAccess'));
//adding a content aggregator for managed config rules below
const globalConfigAggregator = new config.CfnConfigurationAggregator(this, 'globalConfigAggregator',{
configurationAggregatorName: 'globalConfigAggregator',
AccountAggregationSourceProperty: {
accountIds : this.account
}
});
}
}
I am currently trying to figure out what I should pass to specify that I want this account and x region to be the aggregated view of all the config rules in all the regions in that account. I am not sure how to do this. Thank you!