(Author: Reprinted by the Halo Cloud SA team, please indicate the author and source)
In the previous articles, we have introduced how individuals can open an AWS overseas account and use the one-year AWS free package. It also briefly introduces how to create your first EC2 instance and first S3 bucket after opening an account.
In this article, we will share how to view all region resources under your account through the AWS Config console.
This function is very important. Because AWS overseas accounts can provide services across multiple regions, if you enable services in multiple regions, it will be difficult to remember exactly which services are enabled in that region after a long time. If you do not shut down unnecessary services in time, you may be charged some fees.
Using AWS Config, you can easily query the services enabled by an account in all aws regions. Specific steps are as follows:
Step 1 Enable Config in a region
Log in to the AWS config console, follow the config guide and click "Get Started"
Enter the Config setting page
Check the two options next to "All Resources".
Of course, you can choose according to your needs. The following SNS notification is optional. You can create another storage bucket or create one now. The role is required. If you don't want to create a role yourself, select "Use existing config service-related roles".
Click "Next" to enter the rules page
Here are some rules related to setting compliance, based on which compliance checks are performed. Our purpose this time is to check the usage of resources, no need to set rules, just "Next".
Review, "Confirm", and the Config setting is complete.
Go back to the control panel, click "Resources" on the left,
On the "Resource List" page, there is a drop-down box,
Choose according to your needs, we click "Select All", click "Query" at the back, and you can see the resources enabled under the current account:
But what you see here is the resources of the current region, and other regions still cannot see it.
OK, let's continue. (Note: After opening Config in a region, you can see all available resources of an account under the region, but only in the region.)
Step 2 Enable Config in each region
Repeat step 1 in each region of AWS, so that the Config service is enabled in all regions.
The next thing we need to do is to collect the Config data of all regions for processing.
Note: If you only want to view the resource configuration of a limited number of regions, just enable the Config service in the corresponding region.
Step 3 Set up an aggregator
So far, we have enabled Config in all regions, now select a region to create an aggregator.
As the name implies, an aggregator aggregates the configuration information of all regions.
Select a region to enter the Config control panel, click "Aggregated View" under it, and enter the aggregated view page (for convenience, we will continue the region operation in the previous step)
Click "Add Aggregator" to enter the settings page.
Select "Allow copying" > specify the name of the aggregator > add a single account (that is, a 12-digit account) -> region (select all regions)
Note: During the test, the drop-down box of the area may not be displayed for a long time due to network reasons, so you need to wait patiently.
Finally, click "Save", and you can see the aggregator you just created on the aggregation view page:
Ok, the aggregator was created successfully.
Click "Resources" under "Aggregate View" on the left side of the page
Select "Select All" in the "Resource Type" drop-down box
Click "Find"
Because it is a test, I did not actually enable config in all regions, so only 4 region resources are shown in the above figure.
Step 4 Verification
Select "ec2 instance" in the resource type drop-down box, which is the most important resource, click "Search"
You can see that I created ec2 instances in two regions (I really forgot that there are 2 ec2s), click one of the resource identifiers, enter its configuration page, and view its detailed configuration information
Then switch to the ec2 console under the region,
It can be seen that there is indeed an ec2 instance. Fortunately, I chose to stop, otherwise I would have to deduct money again, which hurts. At this point, the verification is complete.
Follow our Zhihu column "Halo Cloud Community" for more AWS tutorials and cloud computing articles.
Reference documents:
AWS official documentation: Setting up an aggregator using the console