Why is my AWS Config data not collected by the aggregator for my AWS account or AWS Organizations account?

2 minute read
0

I followed the instructions to set up an aggregator with AWS Config. However, no data was collected by the aggregator, or I received an error similar to the following: AWS Config does not have permission from the source account to replicate data into an aggregator account. Authorize aggregator account to replicate data from source accounts and region.

Short description

AWS Config aggregators are configured with AWS account IDs or AWS Organizations account IDs. You must specify the AWS Region for the aggregate data. If your aggregator source account is your AWS Organizations account, then authorization isn't required. If your aggregator source account is an individual AWS account, then authorization is required.

Note: To collect data from an Organizations account, the aggregator must be created from the management account or delegated administrator for AWS Config in that Region.

Resolution

Follow these instructions to add authorization to aggregator accounts with the AWS Config console or the AWS Command Line Interface (AWS CLI).

Important: Before you begin, be sure that the AWS CLI is installed and configured. If you receive errors with AWS CLI commands, then make sure to use the most recent version of the AWS CLI. Be sure that AWS Config and the AWS Config rules are set up in the same AWS Region as the source account.

AWS Config console

Follow the instructions to add authorization for Aggregator accounts and Regions.

AWS CLI

Follow the instructions for authorizing aggregator accounts to collect AWS Config configuration and compliance data using the AWS Command Line Interface.

Note: If you select multiple AWS Regions during aggregator set up, then be sure to authorize the aggregator request for each Region.

For more information, see Authorizing Aggregator Accounts to Collect AWS Config Configuration and Compliance Data Using the Console.

Related information

Authorize a pending request for an aggregator account

How can I troubleshoot AWS Config console error messages?

AWS OFFICIAL
AWS OFFICIALUpdated 3 months ago
2 Comments

Links on this article is outdated.

Ka Sen
replied 10 days ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 9 days ago