aggregation_authorizations
Creates, updates, deletes or gets an aggregation_authorization resource or lists aggregation_authorizations in a region
Overview
| Name | aggregation_authorizations |
| Type | Resource |
| Description | Resource Type definition for AWS::Config::AggregationAuthorization |
| Id | awscc.config.aggregation_authorizations |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
authorized_account_id | string | The 12-digit account ID of the account authorized to aggregate data. |
authorized_aws_region | string | The region authorized to collect aggregated data. |
aggregation_authorization_arn | string | The ARN of the AggregationAuthorization. |
tags | array | The tags for the AggregationAuthorization. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
authorized_account_id | string | The 12-digit account ID of the account authorized to aggregate data. |
authorized_aws_region | string | The region authorized to collect aggregated data. |
region | string | AWS region. |
For more information, see AWS::Config::AggregationAuthorization.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | aggregation_authorizations | INSERT | AuthorizedAccountId, AuthorizedAwsRegion, region |
delete_resource | aggregation_authorizations | DELETE | Identifier, region |
update_resource | aggregation_authorizations | UPDATE | Identifier, PatchDocument, region |
list_resources | aggregation_authorizations_list_only | SELECT | region |
get_resource | aggregation_authorizations | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual aggregation_authorization.
SELECT
region,
authorized_account_id,
authorized_aws_region,
aggregation_authorization_arn,
tags
FROM awscc.config.aggregation_authorizations
WHERE
region = 'us-east-1' AND
Identifier = '{{ authorized_account_id }}|{{ authorized_aws_region }}';
Lists all aggregation_authorizations in a region.
SELECT
region,
authorized_account_id,
authorized_aws_region
FROM awscc.config.aggregation_authorizations_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new aggregation_authorization resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.config.aggregation_authorizations (
AuthorizedAccountId,
AuthorizedAwsRegion,
region
)
SELECT
'{{ authorized_account_id }}',
'{{ authorized_aws_region }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.config.aggregation_authorizations (
AuthorizedAccountId,
AuthorizedAwsRegion,
Tags,
region
)
SELECT
'{{ authorized_account_id }}',
'{{ authorized_aws_region }}',
'{{ tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: aggregation_authorization
props:
- name: authorized_account_id
value: '{{ authorized_account_id }}'
- name: authorized_aws_region
value: '{{ authorized_aws_region }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
UPDATE example
Use the following StackQL query and manifest file to update a aggregation_authorization resource, using stack-deploy.
/*+ update */
UPDATE awscc.config.aggregation_authorizations
SET PatchDocument = string('{{ {
"Tags": tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ authorized_account_id }}|{{ authorized_aws_region }}';
DELETE example
/*+ delete */
DELETE FROM awscc.config.aggregation_authorizations
WHERE
Identifier = '{{ authorized_account_id }}|{{ authorized_aws_region }}' AND
region = 'us-east-1';
Permissions
To operate on the aggregation_authorizations resource, the following permissions are required:
- Create
- Update
- Read
- Delete
- List
config:DescribeAggregationAuthorizations,
config:PutAggregationAuthorization,
config:TagResource
config:DescribeAggregationAuthorizations,
config:TagResource,
config:UntagResource,
config:ListTagsForResource
config:DescribeAggregationAuthorizations,
config:ListTagsForResource
config:DescribeAggregationAuthorizations,
config:DeleteAggregationAuthorization,
config:UntagResource
config:DescribeAggregationAuthorizations