These examples demonstrate how to perform several AWS Config operations using the alpha version of the AWS SDK for Rust.
AWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.
- Get resource configuration history (GetResourceConfigHistory)
- Delete configuration recorder (DeleteConfigurationRecorder)
- Delete delivery channel (DeleteDeliveryChannel)
- Enable configuration (DescribeConfigurationRecorders, DescribeDeliveryChannels, PutConfigurationRecorder, PutDeliveryChannel)
- List configuration recorders (DescribeConfigurationRecorders)
- List delivery channels (DescribeDeliveryChannels)
- List resources (ListDiscoveredResources)
- Show resource history (GetResourceConfigHistory)
- We recommend that you grant this code least privilege, or at most the minimum permissions required to perform the task. For more information, see Grant Least Privilege in the AWS Identity and Access Management User Guide.
- This code has not been tested in all AWS Regions. Some AWS services are available only in specific Regions.
- Running this code might result in charges to your AWS account.
You must have an AWS account, and have configured your default credentials and AWS Region as described in https://github.com/awslabs/aws-sdk-rust.
This example lists the configuration history for an AWS Config resource.
cargo run --bin config-helloworld -- -resource_id RESOURCE-ID -resource_type RESOURCE-TYPE NAME [-r REGION] [-v]
- RESOURCE-ID is the ID of the AWS Config resource.
- RESOURCE-TYPE is the type of the AWS Config resource, such as AWS::EC2::SecurityGroup.
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example deletes an AWS Config configuration recorder.
cargo run --bin delete-configuration-recorder -- -n NAME [-r REGION] [-v]
- NAME is the name of the configuration recorder to delete.
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example deletes an AWS Config delivery channel.
cargo run --bin delete-delivery-channel -- -c CHANNEL [-r REGION] [-v]
- CHANNEL is the name of the channel to delete.
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example enables AWS Config for a resource type, in the Region.
cargo run --bin enable-config -- -b BUCKET -i IAM-ARN -k KMS-ARN -n NAME -p PREFIX -s SNS-ARN -t TYPE [-r REGION] [-v]
- BUCKET is the name of the Amazon bucket to which AWS Config delivers configuration snapshots and configuration history files.
- IAM-ARN is the ARN of the IAM role that used to describe the AWS resources associated with the account.
- KMS-ARN is the ARN of the KMS key that used to encrypt the data in the bucket.
- NAME is the name of the configuration.
- PREFIX is the prefix for the bucket.
- SNS-ARN is the ARN of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
- TYPE is the type of resource for AWS Config to support.
If not supplied, defaults to
AWS::DynamoDB::Table(DynamoDB tables). - REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example lists the AWS Config configuration recorders in the Region.
cargo run --bin list-configuration-recorders -- [-r REGION] [-v]
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example lists the AWS Config delivery channels in the Region.
cargo run --bin list-delivery-channels -- [-r REGION] [-v]
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example lists your AWS Config resources, by resource type, in the Region.
cargo run --bin list-resources -- [-r REGION] [-v]
- REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
This example displays the configuration history for a resource.
cargo run --bin show-resource-history -- -i ID --resource-type RESOURCE-TYPE [-r REGION] [-v]
- ID is the ID of the resource.
- RESOURCE-TYPE is the resource type, such as
AWS::EC2::SecurityGroup. - REGION is the Region in which the client is created. If not supplied, uses the value of the AWS_REGION environment variable. If the environment variable is not set, defaults to us-west-2.
- -v displays additional information.
To propose a new code example to the AWS documentation team, see CONTRIBUTING.md. The team prefers to create code examples that show broad scenarios rather than individual API calls.
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: Apache-2.0