AWS Config 의 기록 대상이 되는 리소스 수를 확인해 보자!
안녕하세요! 클래스메소드 금상원 입니다.
이번 블로그에서는 AWS Config 에서 기록 대상이 되는 리소스 수를 확인하는 방법에 대해 알아보겠습니다.
리소스 기록이란?
AWS Config 는 지원되는 리소스 유형이 생성, 변경 또는 삭제되는 시기를 지속적으로 감지합니다.는 이러한 이벤트를 구성 항목(CIs)으로 AWS Config 기록합니다.
AWS Config의 기록 대상이 되는 리소스의 수를 확인해 보기
아래의 코드를 위의 화면처럼 AWS 홈페이지에 로그인을한 후 Cloud Shell 에서 실행하시면 됩니다.
주의 사항
아래 코드의 「RESOURCE_TYPES」 는 2025.07.07일 기준으로 AWS CLI 문서 「list-discovered-resources」 를 참고하였으므로, 코드를 실행하실 때에는 반드시 해당 문서를 참고해 주세요.
단일 리전
__
「REGION="ap-northeast-2";」 __ 의 REGION 값을 검색하려는 리전으로 변경하고 사용해 주세요.
bash -c 'read -r -d "" RESOURCE_TYPES << EOM
AWS::EC2::CustomerGateway
AWS::EC2::EIP
AWS::EC2::Host
AWS::EC2::Instance
AWS::EC2::InternetGateway
AWS::EC2::NetworkAcl
AWS::EC2::NetworkInterface
AWS::EC2::RouteTable
AWS::EC2::SecurityGroup
AWS::EC2::Subnet
AWS::CloudTrail::Trail
AWS::EC2::Volume
AWS::EC2::VPC
AWS::EC2::VPNConnection
AWS::EC2::VPNGateway
AWS::EC2::RegisteredHAInstance
AWS::EC2::NatGateway
AWS::EC2::EgressOnlyInternetGateway
AWS::EC2::VPCEndpoint
AWS::EC2::VPCEndpointService
AWS::EC2::FlowLog
AWS::EC2::VPCPeeringConnection
AWS::Elasticsearch::Domain
AWS::IAM::Group
AWS::IAM::Policy
AWS::IAM::Role
AWS::IAM::User
AWS::ElasticLoadBalancingV2::LoadBalancer
AWS::ACM::Certificate
AWS::RDS::DBInstance
AWS::RDS::DBSubnetGroup
AWS::RDS::DBSecurityGroup
AWS::RDS::DBSnapshot
AWS::RDS::DBCluster
AWS::RDS::DBClusterSnapshot
AWS::RDS::EventSubscription
AWS::S3::Bucket
AWS::S3::AccountPublicAccessBlock
AWS::Redshift::Cluster
AWS::Redshift::ClusterSnapshot
AWS::Redshift::ClusterParameterGroup
AWS::Redshift::ClusterSecurityGroup
AWS::Redshift::ClusterSubnetGroup
AWS::Redshift::EventSubscription
AWS::SSM::ManagedInstanceInventory
AWS::CloudWatch::Alarm
AWS::CloudFormation::Stack
AWS::ElasticLoadBalancing::LoadBalancer
AWS::AutoScaling::AutoScalingGroup
AWS::AutoScaling::LaunchConfiguration
AWS::AutoScaling::ScalingPolicy
AWS::AutoScaling::ScheduledAction
AWS::DynamoDB::Table
AWS::CodeBuild::Project
AWS::WAF::RateBasedRule
AWS::WAF::Rule
AWS::WAF::RuleGroup
AWS::WAF::WebACL
AWS::WAFRegional::RateBasedRule
AWS::WAFRegional::Rule
AWS::WAFRegional::RuleGroup
AWS::WAFRegional::WebACL
AWS::CloudFront::Distribution
AWS::CloudFront::StreamingDistribution
AWS::Lambda::Function
AWS::NetworkFirewall::Firewall
AWS::NetworkFirewall::FirewallPolicy
AWS::NetworkFirewall::RuleGroup
AWS::ElasticBeanstalk::Application
AWS::ElasticBeanstalk::ApplicationVersion
AWS::ElasticBeanstalk::Environment
AWS::WAFv2::WebACL
AWS::WAFv2::RuleGroup
AWS::WAFv2::IPSet
AWS::WAFv2::RegexPatternSet
AWS::WAFv2::ManagedRuleSet
AWS::XRay::EncryptionConfig
AWS::SSM::AssociationCompliance
AWS::SSM::PatchCompliance
AWS::Shield::Protection
AWS::ShieldRegional::Protection
AWS::Config::ConformancePackCompliance
AWS::Config::ResourceCompliance
AWS::ApiGateway::Stage
AWS::ApiGateway::RestApi
AWS::ApiGatewayV2::Stage
AWS::ApiGatewayV2::Api
AWS::CodePipeline::Pipeline
AWS::ServiceCatalog::CloudFormationProvisionedProduct
AWS::ServiceCatalog::CloudFormationProduct
AWS::ServiceCatalog::Portfolio
AWS::SQS::Queue
AWS::KMS::Key
AWS::QLDB::Ledger
AWS::SecretsManager::Secret
AWS::SNS::Topic
AWS::SSM::FileData
AWS::Backup::BackupPlan
AWS::Backup::BackupSelection
AWS::Backup::BackupVault
AWS::Backup::RecoveryPoint
AWS::ECR::Repository
AWS::ECS::Cluster
AWS::ECS::Service
AWS::ECS::TaskDefinition
AWS::EFS::AccessPoint
AWS::EFS::FileSystem
AWS::EKS::Cluster
AWS::OpenSearch::Domain
AWS::EC2::TransitGateway
AWS::Kinesis::Stream
AWS::Kinesis::StreamConsumer
AWS::CodeDeploy::Application
AWS::CodeDeploy::DeploymentConfig
AWS::CodeDeploy::DeploymentGroup
AWS::EC2::LaunchTemplate
AWS::ECR::PublicRepository
AWS::GuardDuty::Detector
AWS::EMR::SecurityConfiguration
AWS::SageMaker::CodeRepository
AWS::Route53Resolver::ResolverEndpoint
AWS::Route53Resolver::ResolverRule
AWS::Route53Resolver::ResolverRuleAssociation
AWS::DMS::ReplicationSubnetGroup
AWS::DMS::EventSubscription
AWS::MSK::Cluster
AWS::StepFunctions::Activity
AWS::WorkSpaces::Workspace
AWS::WorkSpaces::ConnectionAlias
AWS::SageMaker::Model
AWS::ElasticLoadBalancingV2::Listener
AWS::StepFunctions::StateMachine
AWS::Batch::JobQueue
AWS::Batch::ComputeEnvironment
AWS::AccessAnalyzer::Analyzer
AWS::Athena::WorkGroup
AWS::Athena::DataCatalog
AWS::Detective::Graph
AWS::GlobalAccelerator::Accelerator
AWS::GlobalAccelerator::EndpointGroup
AWS::GlobalAccelerator::Listener
AWS::EC2::TransitGatewayAttachment
AWS::EC2::TransitGatewayRouteTable
AWS::DMS::Certificate
AWS::AppConfig::Application
AWS::AppSync::GraphQLApi
AWS::DataSync::LocationSMB
AWS::DataSync::LocationFSxLustre
AWS::DataSync::LocationS3
AWS::DataSync::LocationEFS
AWS::DataSync::Task
AWS::DataSync::LocationNFS
AWS::EC2::NetworkInsightsAccessScopeAnalysis
AWS::EKS::FargateProfile
AWS::Glue::Job
AWS::GuardDuty::ThreatIntelSet
AWS::GuardDuty::IPSet
AWS::SageMaker::Workteam
AWS::SageMaker::NotebookInstanceLifecycleConfig
AWS::ServiceDiscovery::Service
AWS::ServiceDiscovery::PublicDnsNamespace
AWS::SES::ContactList
AWS::SES::ConfigurationSet
AWS::Route53::HostedZone
AWS::IoTEvents::Input
AWS::IoTEvents::DetectorModel
AWS::IoTEvents::AlarmModel
AWS::ServiceDiscovery::HttpNamespace
AWS::Events::EventBus
AWS::ImageBuilder::ContainerRecipe
AWS::ImageBuilder::DistributionConfiguration
AWS::ImageBuilder::InfrastructureConfiguration
AWS::DataSync::LocationObjectStorage
AWS::DataSync::LocationHDFS
AWS::Glue::Classifier
AWS::Route53RecoveryReadiness::Cell
AWS::Route53RecoveryReadiness::ReadinessCheck
AWS::ECR::RegistryPolicy
AWS::Backup::ReportPlan
AWS::Lightsail::Certificate
AWS::RUM::AppMonitor
AWS::Events::Endpoint
AWS::SES::ReceiptRuleSet
AWS::Events::Archive
AWS::Events::ApiDestination
AWS::Lightsail::Disk
AWS::FIS::ExperimentTemplate
AWS::DataSync::LocationFSxWindows
AWS::SES::ReceiptFilter
AWS::GuardDuty::Filter
AWS::SES::Template
AWS::AmazonMQ::Broker
AWS::AppConfig::Environment
AWS::AppConfig::ConfigurationProfile
AWS::Cloud9::EnvironmentEC2
AWS::EventSchemas::Registry
AWS::EventSchemas::RegistryPolicy
AWS::EventSchemas::Discoverer
AWS::FraudDetector::Label
AWS::FraudDetector::EntityType
AWS::FraudDetector::Variable
AWS::FraudDetector::Outcome
AWS::IoT::Authorizer
AWS::IoT::SecurityProfile
AWS::IoT::RoleAlias
AWS::IoT::Dimension
AWS::IoTAnalytics::Datastore
AWS::Lightsail::Bucket
AWS::Lightsail::StaticIp
AWS::MediaPackage::PackagingGroup
AWS::Route53RecoveryReadiness::RecoveryGroup
AWS::ResilienceHub::ResiliencyPolicy
AWS::Transfer::Workflow
AWS::EKS::IdentityProviderConfig
AWS::EKS::Addon
AWS::Glue::MLTransform
AWS::IoT::Policy
AWS::IoT::MitigationAction
AWS::IoTTwinMaker::Workspace
AWS::IoTTwinMaker::Entity
AWS::IoTAnalytics::Dataset
AWS::IoTAnalytics::Pipeline
AWS::IoTAnalytics::Channel
AWS::IoTSiteWise::Dashboard
AWS::IoTSiteWise::Project
AWS::IoTSiteWise::Portal
AWS::IoTSiteWise::AssetModel
AWS::IVS::Channel
AWS::IVS::RecordingConfiguration
AWS::IVS::PlaybackKeyPair
AWS::KinesisAnalyticsV2::Application
AWS::RDS::GlobalCluster
AWS::S3::MultiRegionAccessPoint
AWS::DeviceFarm::TestGridProject
AWS::Budgets::BudgetsAction
AWS::Lex::Bot
AWS::CodeGuruReviewer::RepositoryAssociation
AWS::IoT::CustomMetric
AWS::Route53Resolver::FirewallDomainList
AWS::RoboMaker::RobotApplicationVersion
AWS::EC2::TrafficMirrorSession
AWS::IoTSiteWise::Gateway
AWS::Lex::BotAlias
AWS::LookoutMetrics::Alert
AWS::IoT::AccountAuditConfiguration
AWS::EC2::TrafficMirrorTarget
AWS::S3::StorageLens
AWS::IoT::ScheduledAudit
AWS::Events::Connection
AWS::EventSchemas::Schema
AWS::MediaPackage::PackagingConfiguration
AWS::KinesisVideo::SignalingChannel
AWS::AppStream::DirectoryConfig
AWS::LookoutVision::Project
AWS::Route53RecoveryControl::Cluster
AWS::Route53RecoveryControl::SafetyRule
AWS::Route53RecoveryControl::ControlPanel
AWS::Route53RecoveryControl::RoutingControl
AWS::Route53RecoveryReadiness::ResourceSet
AWS::RoboMaker::SimulationApplication
AWS::RoboMaker::RobotApplication
AWS::HealthLake::FHIRDatastore
AWS::Pinpoint::Segment
AWS::Pinpoint::ApplicationSettings
AWS::Events::Rule
AWS::EC2::DHCPOptions
AWS::EC2::NetworkInsightsPath
AWS::EC2::TrafficMirrorFilter
AWS::EC2::IPAM
AWS::IoTTwinMaker::Scene
AWS::NetworkManager::TransitGatewayRegistration
AWS::CustomerProfiles::Domain
AWS::AutoScaling::WarmPool
AWS::Connect::PhoneNumber
AWS::AppConfig::DeploymentStrategy
AWS::AppFlow::Flow
AWS::AuditManager::Assessment
AWS::CloudWatch::MetricStream
AWS::DeviceFarm::InstanceProfile
AWS::DeviceFarm::Project
AWS::EC2::EC2Fleet
AWS::EC2::SubnetRouteTableAssociation
AWS::ECR::PullThroughCacheRule
AWS::GroundStation::Config
AWS::ImageBuilder::ImagePipeline
AWS::IoT::FleetMetric
AWS::IoTWireless::ServiceProfile
AWS::NetworkManager::Device
AWS::NetworkManager::GlobalNetwork
AWS::NetworkManager::Link
AWS::NetworkManager::Site
AWS::Panorama::Package
AWS::Pinpoint::App
AWS::Redshift::ScheduledAction
AWS::Route53Resolver::FirewallRuleGroupAssociation
AWS::SageMaker::AppImageConfig
AWS::SageMaker::Image
AWS::ECS::TaskSet
AWS::Cassandra::Keyspace
AWS::Signer::SigningProfile
AWS::Amplify::App
AWS::AppMesh::VirtualNode
AWS::AppMesh::VirtualService
AWS::AppRunner::VpcConnector
AWS::AppStream::Application
AWS::CodeArtifact::Repository
AWS::EC2::PrefixList
AWS::EC2::SpotFleet
AWS::Evidently::Project
AWS::Forecast::Dataset
AWS::IAM::SAMLProvider
AWS::IAM::ServerCertificate
AWS::Pinpoint::Campaign
AWS::Pinpoint::InAppTemplate
AWS::SageMaker::Domain
AWS::Transfer::Agreement
AWS::Transfer::Connector
AWS::KinesisFirehose::DeliveryStream
AWS::Amplify::Branch
AWS::AppIntegrations::EventIntegration
AWS::AppMesh::Route
AWS::Athena::PreparedStatement
AWS::EC2::IPAMScope
AWS::Evidently::Launch
AWS::Forecast::DatasetGroup
AWS::GreengrassV2::ComponentVersion
AWS::GroundStation::MissionProfile
AWS::MediaConnect::FlowEntitlement
AWS::MediaConnect::FlowVpcInterface
AWS::MediaTailor::PlaybackConfiguration
AWS::MSK::Configuration
AWS::Personalize::Dataset
AWS::Personalize::Schema
AWS::Personalize::Solution
AWS::Pinpoint::EmailTemplate
AWS::Pinpoint::EventStream
AWS::ResilienceHub::App
AWS::ACMPCA::CertificateAuthority
AWS::AppConfig::HostedConfigurationVersion
AWS::AppMesh::VirtualGateway
AWS::AppMesh::VirtualRouter
AWS::AppRunner::Service
AWS::CustomerProfiles::ObjectType
AWS::DMS::Endpoint
AWS::EC2::CapacityReservation
AWS::EC2::ClientVpnEndpoint
AWS::Kendra::Index
AWS::KinesisVideo::Stream
AWS::Logs::Destination
AWS::Pinpoint::EmailChannel
AWS::S3::AccessPoint
AWS::NetworkManager::CustomerGatewayAssociation
AWS::NetworkManager::LinkAssociation
AWS::IoTWireless::MulticastGroup
AWS::Personalize::DatasetGroup
AWS::IoTTwinMaker::ComponentType
AWS::CodeBuild::ReportGroup
AWS::SageMaker::FeatureGroup
AWS::MSK::BatchScramSecret
AWS::AppStream::Stack
AWS::IoT::JobTemplate
AWS::IoTWireless::FuotaTask
AWS::IoT::ProvisioningTemplate
AWS::InspectorV2::Filter
AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
AWS::ServiceDiscovery::Instance
AWS::Transfer::Certificate
AWS::MediaConnect::FlowSource
AWS::APS::RuleGroupsNamespace
AWS::CodeGuruProfiler::ProfilingGroup
AWS::Route53Resolver::ResolverQueryLoggingConfig
AWS::Batch::SchedulingPolicy
AWS::ACMPCA::CertificateAuthorityActivation
AWS::AppMesh::GatewayRoute
AWS::AppMesh::Mesh
AWS::Connect::Instance
AWS::Connect::QuickConnect
AWS::EC2::CarrierGateway
AWS::EC2::IPAMPool
AWS::EC2::TransitGatewayConnect
AWS::EC2::TransitGatewayMulticastDomain
AWS::ECS::CapacityProvider
AWS::IAM::InstanceProfile
AWS::IoT::CACertificate
AWS::IoTTwinMaker::SyncJob
AWS::KafkaConnect::Connector
AWS::Lambda::CodeSigningConfig
AWS::NetworkManager::ConnectPeer
AWS::ResourceExplorer2::Index
AWS::AppStream::Fleet
AWS::Cognito::UserPool
AWS::Cognito::UserPoolClient
AWS::Cognito::UserPoolGroup
AWS::EC2::NetworkInsightsAccessScope
AWS::EC2::NetworkInsightsAnalysis
AWS::Grafana::Workspace
AWS::GroundStation::DataflowEndpointGroup
AWS::ImageBuilder::ImageRecipe
AWS::KMS::Alias
AWS::M2::Environment
AWS::QuickSight::DataSource
AWS::QuickSight::Template
AWS::QuickSight::Theme
AWS::RDS::OptionGroup
AWS::Redshift::EndpointAccess
AWS::Route53Resolver::FirewallRuleGroup
AWS::SSM::Document
EOM
REGION="ap-northeast-2"; \ # リージョンを指定
grand_total=0; \
echo "=============================="; \
echo "AWS Config Resource Count"; \
echo "=============================="; \
echo "Region: ${REGION}"; \
region_total=0; \
while read -r type; do
if [[ -n "${type}" ]]; then
count=$(aws configservice list-discovered-resources \
--region "${REGION}" \
--resource-type "${type}" \
--query "resourceIdentifiers | length(@)" \
--output output text 2>/dev/null | grep -o '[0-9]*' | head -1);
if [[ $? -ne 0 || -z "${count}" ]]; then
echo "${type}: Failed or not supported in ${REGION}"; \
count=0; \
fi; \
echo "${type}: ${count}"; \
region_total=$((region_total + count)); \
fi; \
done <<< "$RESOURCE_TYPES"; \
echo ""; \
echo "=============================="; \
echo "Total in ${REGION}: ${region_total}"; \
echo "=============================="'
모든 리전
모든 리전을 검색할 때 시간이 오래 걸릴 수 있으므로 전원이 않도록 주의해 주세요
bash -c 'read -r -d "" RESOURCE_TYPES << EOM
AWS::EC2::CustomerGateway
AWS::EC2::EIP
AWS::EC2::Host
AWS::EC2::Instance
AWS::EC2::InternetGateway
AWS::EC2::NetworkAcl
AWS::EC2::NetworkInterface
AWS::EC2::RouteTable
AWS::EC2::SecurityGroup
AWS::EC2::Subnet
AWS::CloudTrail::Trail
AWS::EC2::Volume
AWS::EC2::VPC
AWS::EC2::VPNConnection
AWS::EC2::VPNGateway
AWS::EC2::RegisteredHAInstance
AWS::EC2::NatGateway
AWS::EC2::EgressOnlyInternetGateway
AWS::EC2::VPCEndpoint
AWS::EC2::VPCEndpointService
AWS::EC2::FlowLog
AWS::EC2::VPCPeeringConnection
AWS::Elasticsearch::Domain
AWS::IAM::Group
AWS::IAM::Policy
AWS::IAM::Role
AWS::IAM::User
AWS::ElasticLoadBalancingV2::LoadBalancer
AWS::ACM::Certificate
AWS::RDS::DBInstance
AWS::RDS::DBSubnetGroup
AWS::RDS::DBSecurityGroup
AWS::RDS::DBSnapshot
AWS::RDS::DBCluster
AWS::RDS::DBClusterSnapshot
AWS::RDS::EventSubscription
AWS::S3::Bucket
AWS::S3::AccountPublicAccessBlock
AWS::Redshift::Cluster
AWS::Redshift::ClusterSnapshot
AWS::Redshift::ClusterParameterGroup
AWS::Redshift::ClusterSecurityGroup
AWS::Redshift::ClusterSubnetGroup
AWS::Redshift::EventSubscription
AWS::SSM::ManagedInstanceInventory
AWS::CloudWatch::Alarm
AWS::CloudFormation::Stack
AWS::ElasticLoadBalancing::LoadBalancer
AWS::AutoScaling::AutoScalingGroup
AWS::AutoScaling::LaunchConfiguration
AWS::AutoScaling::ScalingPolicy
AWS::AutoScaling::ScheduledAction
AWS::DynamoDB::Table
AWS::CodeBuild::Project
AWS::WAF::RateBasedRule
AWS::WAF::Rule
AWS::WAF::RuleGroup
AWS::WAF::WebACL
AWS::WAFRegional::RateBasedRule
AWS::WAFRegional::Rule
AWS::WAFRegional::RuleGroup
AWS::WAFRegional::WebACL
AWS::CloudFront::Distribution
AWS::CloudFront::StreamingDistribution
AWS::Lambda::Function
AWS::NetworkFirewall::Firewall
AWS::NetworkFirewall::FirewallPolicy
AWS::NetworkFirewall::RuleGroup
AWS::ElasticBeanstalk::Application
AWS::ElasticBeanstalk::ApplicationVersion
AWS::ElasticBeanstalk::Environment
AWS::WAFv2::WebACL
AWS::WAFv2::RuleGroup
AWS::WAFv2::IPSet
AWS::WAFv2::RegexPatternSet
AWS::WAFv2::ManagedRuleSet
AWS::XRay::EncryptionConfig
AWS::SSM::AssociationCompliance
AWS::SSM::PatchCompliance
AWS::Shield::Protection
AWS::ShieldRegional::Protection
AWS::Config::ConformancePackCompliance
AWS::Config::ResourceCompliance
AWS::ApiGateway::Stage
AWS::ApiGateway::RestApi
AWS::ApiGatewayV2::Stage
AWS::ApiGatewayV2::Api
AWS::CodePipeline::Pipeline
AWS::ServiceCatalog::CloudFormationProvisionedProduct
AWS::ServiceCatalog::CloudFormationProduct
AWS::ServiceCatalog::Portfolio
AWS::SQS::Queue
AWS::KMS::Key
AWS::QLDB::Ledger
AWS::SecretsManager::Secret
AWS::SNS::Topic
AWS::SSM::FileData
AWS::Backup::BackupPlan
AWS::Backup::BackupSelection
AWS::Backup::BackupVault
AWS::Backup::RecoveryPoint
AWS::ECR::Repository
AWS::ECS::Cluster
AWS::ECS::Service
AWS::ECS::TaskDefinition
AWS::EFS::AccessPoint
AWS::EFS::FileSystem
AWS::EKS::Cluster
AWS::OpenSearch::Domain
AWS::EC2::TransitGateway
AWS::Kinesis::Stream
AWS::Kinesis::StreamConsumer
AWS::CodeDeploy::Application
AWS::CodeDeploy::DeploymentConfig
AWS::CodeDeploy::DeploymentGroup
AWS::EC2::LaunchTemplate
AWS::ECR::PublicRepository
AWS::GuardDuty::Detector
AWS::EMR::SecurityConfiguration
AWS::SageMaker::CodeRepository
AWS::Route53Resolver::ResolverEndpoint
AWS::Route53Resolver::ResolverRule
AWS::Route53Resolver::ResolverRuleAssociation
AWS::DMS::ReplicationSubnetGroup
AWS::DMS::EventSubscription
AWS::MSK::Cluster
AWS::StepFunctions::Activity
AWS::WorkSpaces::Workspace
AWS::WorkSpaces::ConnectionAlias
AWS::SageMaker::Model
AWS::ElasticLoadBalancingV2::Listener
AWS::StepFunctions::StateMachine
AWS::Batch::JobQueue
AWS::Batch::ComputeEnvironment
AWS::AccessAnalyzer::Analyzer
AWS::Athena::WorkGroup
AWS::Athena::DataCatalog
AWS::Detective::Graph
AWS::GlobalAccelerator::Accelerator
AWS::GlobalAccelerator::EndpointGroup
AWS::GlobalAccelerator::Listener
AWS::EC2::TransitGatewayAttachment
AWS::EC2::TransitGatewayRouteTable
AWS::DMS::Certificate
AWS::AppConfig::Application
AWS::AppSync::GraphQLApi
AWS::DataSync::LocationSMB
AWS::DataSync::LocationFSxLustre
AWS::DataSync::LocationS3
AWS::DataSync::LocationEFS
AWS::DataSync::Task
AWS::DataSync::LocationNFS
AWS::EC2::NetworkInsightsAccessScopeAnalysis
AWS::EKS::FargateProfile
AWS::Glue::Job
AWS::GuardDuty::ThreatIntelSet
AWS::GuardDuty::IPSet
AWS::SageMaker::Workteam
AWS::SageMaker::NotebookInstanceLifecycleConfig
AWS::ServiceDiscovery::Service
AWS::ServiceDiscovery::PublicDnsNamespace
AWS::SES::ContactList
AWS::SES::ConfigurationSet
AWS::Route53::HostedZone
AWS::IoTEvents::Input
AWS::IoTEvents::DetectorModel
AWS::IoTEvents::AlarmModel
AWS::ServiceDiscovery::HttpNamespace
AWS::Events::EventBus
AWS::ImageBuilder::ContainerRecipe
AWS::ImageBuilder::DistributionConfiguration
AWS::ImageBuilder::InfrastructureConfiguration
AWS::DataSync::LocationObjectStorage
AWS::DataSync::LocationHDFS
AWS::Glue::Classifier
AWS::Route53RecoveryReadiness::Cell
AWS::Route53RecoveryReadiness::ReadinessCheck
AWS::ECR::RegistryPolicy
AWS::Backup::ReportPlan
AWS::Lightsail::Certificate
AWS::RUM::AppMonitor
AWS::Events::Endpoint
AWS::SES::ReceiptRuleSet
AWS::Events::Archive
AWS::Events::ApiDestination
AWS::Lightsail::Disk
AWS::FIS::ExperimentTemplate
AWS::DataSync::LocationFSxWindows
AWS::SES::ReceiptFilter
AWS::GuardDuty::Filter
AWS::SES::Template
AWS::AmazonMQ::Broker
AWS::AppConfig::Environment
AWS::AppConfig::ConfigurationProfile
AWS::Cloud9::EnvironmentEC2
AWS::EventSchemas::Registry
AWS::EventSchemas::RegistryPolicy
AWS::EventSchemas::Discoverer
AWS::FraudDetector::Label
AWS::FraudDetector::EntityType
AWS::FraudDetector::Variable
AWS::FraudDetector::Outcome
AWS::IoT::Authorizer
AWS::IoT::SecurityProfile
AWS::IoT::RoleAlias
AWS::IoT::Dimension
AWS::IoTAnalytics::Datastore
AWS::Lightsail::Bucket
AWS::Lightsail::StaticIp
AWS::MediaPackage::PackagingGroup
AWS::Route53RecoveryReadiness::RecoveryGroup
AWS::ResilienceHub::ResiliencyPolicy
AWS::Transfer::Workflow
AWS::EKS::IdentityProviderConfig
AWS::EKS::Addon
AWS::Glue::MLTransform
AWS::IoT::Policy
AWS::IoT::MitigationAction
AWS::IoTTwinMaker::Workspace
AWS::IoTTwinMaker::Entity
AWS::IoTAnalytics::Dataset
AWS::IoTAnalytics::Pipeline
AWS::IoTAnalytics::Channel
AWS::IoTSiteWise::Dashboard
AWS::IoTSiteWise::Project
AWS::IoTSiteWise::Portal
AWS::IoTSiteWise::AssetModel
AWS::IVS::Channel
AWS::IVS::RecordingConfiguration
AWS::IVS::PlaybackKeyPair
AWS::KinesisAnalyticsV2::Application
AWS::RDS::GlobalCluster
AWS::S3::MultiRegionAccessPoint
AWS::DeviceFarm::TestGridProject
AWS::Budgets::BudgetsAction
AWS::Lex::Bot
AWS::CodeGuruReviewer::RepositoryAssociation
AWS::IoT::CustomMetric
AWS::Route53Resolver::FirewallDomainList
AWS::RoboMaker::RobotApplicationVersion
AWS::EC2::TrafficMirrorSession
AWS::IoTSiteWise::Gateway
AWS::Lex::BotAlias
AWS::LookoutMetrics::Alert
AWS::IoT::AccountAuditConfiguration
AWS::EC2::TrafficMirrorTarget
AWS::S3::StorageLens
AWS::IoT::ScheduledAudit
AWS::Events::Connection
AWS::EventSchemas::Schema
AWS::MediaPackage::PackagingConfiguration
AWS::KinesisVideo::SignalingChannel
AWS::AppStream::DirectoryConfig
AWS::LookoutVision::Project
AWS::Route53RecoveryControl::Cluster
AWS::Route53RecoveryControl::SafetyRule
AWS::Route53RecoveryControl::ControlPanel
AWS::Route53RecoveryControl::RoutingControl
AWS::Route53RecoveryReadiness::ResourceSet
AWS::RoboMaker::SimulationApplication
AWS::RoboMaker::RobotApplication
AWS::HealthLake::FHIRDatastore
AWS::Pinpoint::Segment
AWS::Pinpoint::ApplicationSettings
AWS::Events::Rule
AWS::EC2::DHCPOptions
AWS::EC2::NetworkInsightsPath
AWS::EC2::TrafficMirrorFilter
AWS::EC2::IPAM
AWS::IoTTwinMaker::Scene
AWS::NetworkManager::TransitGatewayRegistration
AWS::CustomerProfiles::Domain
AWS::AutoScaling::WarmPool
AWS::Connect::PhoneNumber
AWS::AppConfig::DeploymentStrategy
AWS::AppFlow::Flow
AWS::AuditManager::Assessment
AWS::CloudWatch::MetricStream
AWS::DeviceFarm::InstanceProfile
AWS::DeviceFarm::Project
AWS::EC2::EC2Fleet
AWS::EC2::SubnetRouteTableAssociation
AWS::ECR::PullThroughCacheRule
AWS::GroundStation::Config
AWS::ImageBuilder::ImagePipeline
AWS::IoT::FleetMetric
AWS::IoTWireless::ServiceProfile
AWS::NetworkManager::Device
AWS::NetworkManager::GlobalNetwork
AWS::NetworkManager::Link
AWS::NetworkManager::Site
AWS::Panorama::Package
AWS::Pinpoint::App
AWS::Redshift::ScheduledAction
AWS::Route53Resolver::FirewallRuleGroupAssociation
AWS::SageMaker::AppImageConfig
AWS::SageMaker::Image
AWS::ECS::TaskSet
AWS::Cassandra::Keyspace
AWS::Signer::SigningProfile
AWS::Amplify::App
AWS::AppMesh::VirtualNode
AWS::AppMesh::VirtualService
AWS::AppRunner::VpcConnector
AWS::AppStream::Application
AWS::CodeArtifact::Repository
AWS::EC2::PrefixList
AWS::EC2::SpotFleet
AWS::Evidently::Project
AWS::Forecast::Dataset
AWS::IAM::SAMLProvider
AWS::IAM::ServerCertificate
AWS::Pinpoint::Campaign
AWS::Pinpoint::InAppTemplate
AWS::SageMaker::Domain
AWS::Transfer::Agreement
AWS::Transfer::Connector
AWS::KinesisFirehose::DeliveryStream
AWS::Amplify::Branch
AWS::AppIntegrations::EventIntegration
AWS::AppMesh::Route
AWS::Athena::PreparedStatement
AWS::EC2::IPAMScope
AWS::Evidently::Launch
AWS::Forecast::DatasetGroup
AWS::GreengrassV2::ComponentVersion
AWS::GroundStation::MissionProfile
AWS::MediaConnect::FlowEntitlement
AWS::MediaConnect::FlowVpcInterface
AWS::MediaTailor::PlaybackConfiguration
AWS::MSK::Configuration
AWS::Personalize::Dataset
AWS::Personalize::Schema
AWS::Personalize::Solution
AWS::Pinpoint::EmailTemplate
AWS::Pinpoint::EventStream
AWS::ResilienceHub::App
AWS::ACMPCA::CertificateAuthority
AWS::AppConfig::HostedConfigurationVersion
AWS::AppMesh::VirtualGateway
AWS::AppMesh::VirtualRouter
AWS::AppRunner::Service
AWS::CustomerProfiles::ObjectType
AWS::DMS::Endpoint
AWS::EC2::CapacityReservation
AWS::EC2::ClientVpnEndpoint
AWS::Kendra::Index
AWS::KinesisVideo::Stream
AWS::Logs::Destination
AWS::Pinpoint::EmailChannel
AWS::S3::AccessPoint
AWS::NetworkManager::CustomerGatewayAssociation
AWS::NetworkManager::LinkAssociation
AWS::IoTWireless::MulticastGroup
AWS::Personalize::DatasetGroup
AWS::IoTTwinMaker::ComponentType
AWS::CodeBuild::ReportGroup
AWS::SageMaker::FeatureGroup
AWS::MSK::BatchScramSecret
AWS::AppStream::Stack
AWS::IoT::JobTemplate
AWS::IoTWireless::FuotaTask
AWS::IoT::ProvisioningTemplate
AWS::InspectorV2::Filter
AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
AWS::ServiceDiscovery::Instance
AWS::Transfer::Certificate
AWS::MediaConnect::FlowSource
AWS::APS::RuleGroupsNamespace
AWS::CodeGuruProfiler::ProfilingGroup
AWS::Route53Resolver::ResolverQueryLoggingConfig
AWS::Batch::SchedulingPolicy
AWS::ACMPCA::CertificateAuthorityActivation
AWS::AppMesh::GatewayRoute
AWS::AppMesh::Mesh
AWS::Connect::Instance
AWS::Connect::QuickConnect
AWS::EC2::CarrierGateway
AWS::EC2::IPAMPool
AWS::EC2::TransitGatewayConnect
AWS::EC2::TransitGatewayMulticastDomain
AWS::ECS::CapacityProvider
AWS::IAM::InstanceProfile
AWS::IoT::CACertificate
AWS::IoTTwinMaker::SyncJob
AWS::KafkaConnect::Connector
AWS::Lambda::CodeSigningConfig
AWS::NetworkManager::ConnectPeer
AWS::ResourceExplorer2::Index
AWS::AppStream::Fleet
AWS::Cognito::UserPool
AWS::Cognito::UserPoolClient
AWS::Cognito::UserPoolGroup
AWS::EC2::NetworkInsightsAccessScope
AWS::EC2::NetworkInsightsAnalysis
AWS::Grafana::Workspace
AWS::GroundStation::DataflowEndpointGroup
AWS::ImageBuilder::ImageRecipe
AWS::KMS::Alias
AWS::M2::Environment
AWS::QuickSight::DataSource
AWS::QuickSight::Template
AWS::QuickSight::Theme
AWS::RDS::OptionGroup
AWS::Redshift::EndpointAccess
AWS::Route53Resolver::FirewallRuleGroup
AWS::SSM::Document
EOM
REGIONS=$(aws ec2 describe-regions --query "Regions[].RegionName" --output text); \
grand_total=0; \
echo "=============================="; \
echo "AWS Config Resource Count (All Regions)"; \
echo "=============================="; \
echo "----------------------------------------"; \
for region in ${REGIONS}; do
echo "Region: ${region}"; \
region_total=0; \
while read -r type; do
if [[ -n "${type}" ]]; then
count=$(aws configservice list-discovered-resources \
--region "${region}" \
--resource-type "${type}" \
--query "resourceIdentifiers | length(@)" \
--output output text 2>/dev/null | grep -o '[0-9]*' | head -1);
if [[ $? -ne 0 || -z "${count}" ]]; then
echo "${type}: Failed or not supported in ${region}"; \
count=0; \
fi; \
echo "${type}: ${count}"; \
region_total=$((region_total + count)); \
fi; \
done <<< "$RESOURCE_TYPES"; \
echo "Total in ${region}: ${region_total}"; \
grand_total=$((grand_total + region_total)); \
echo "----------------------------------------"; \
done; \
echo ""; \
echo "=============================="; \
echo "Grand Total (All Regions): ${grand_total}"; \
echo "=============================="'
마무리
이상으로 AWS Config에서 기록 대상이 되는 리소스 수를 확인하는 방법에 대해 알아보았습니다.
이번 글이 AWS Config를 활용하시는 데에 조금이나마 도움이 되었으면 좋겠습니다.
참고 자료
문의 사항은 클래스메소드 코리아로!
클래스메소드 코리아에서는 다양한 세미나 및 이벤트를 진행하고 있습니다.
진행중인 이벤트는 아래 페이지를 참고해주세요.
AWS에 대한 상담 및 클래스 메소드 멤버스에 관한 문의사항은 아래 메일로 연락주시면 감사드립니다!
Info@classmethod.kr