Bobcares
Client Area
Emergency Support
Amazon Web Services (AWS) | Latest

AWS Config Error after enabling AWS Security Hub

by | Jul 28, 2021

AWS Config Error after enabling AWS Security Hub? We can help you.

In order to prevent this error, we need to enable AWS Config in the same Region as Security Hub.

Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.

Today, let us see how we can resolve this error.

 

AWS Config Error after enabling AWS Security Hub

Generally, we come across this error while we set up AWS Security Hub.

The error can be as follows:

“AWS Config is not enabled on some accounts.”
“AWS Config is not enabled in all regions”
“An error has occurred with AWS Config. Contact AWS Support.”

 

How to resolve this error?

Moving ahead, let us see how our Support Techs resolve this error for our customers.

 

AWS Config in the same AWS Region as Security Hub

First and foremost, we must manually enable the AWS Config in the same Region as Security Hub.

1. To do so, we open the AWS Config console in the same Region of the Security Hub.

2. If AWS Config is not enabled, we follow the instructions for setting up AWS Config with the Console.

In addition, if we have Security Hub in multiple Regions, we repeat these steps for them as well.

 

Verify AWS Config records all resources including global in our Region

We can modify the type of resources that AWS Config records.

1. Initially, we go to, AWS Config console > Settings.

2. Then, we confirm Recording is on.

3. In Resource types to record, we select Record all resources in this region.

4. Also, we select Include global resources.

5. Finally, we select Save.

 

Amazon CloudWatch log filter patterns to search AWS CloudTrail log data

To search for and troubleshoot AWS Config error messages, we go to CloudWatch console > Log groups

Then in the Filter, we paste the following example syntax > enter:

EventSource: config.amazonaws.com

Later we note the error.

 

Verify the permissions on the Security Hub service-linked role

To provide permissions to AWS services, AWS Security Hub uses service-linked roles.

The following AWS IAM permission allows access to AWS Config with Security Hub:

{
"Effect": "Allow",
"Action": [
"config:PutConfigRule",
"config:DeleteConfigRule",
"config:GetComplianceDetailsByConfigRule",
"config:DescribeConfigRuleEvaluationStatus"
],
"Resource": "arn:aws:config:*:*:config-rule/aws-service-rule/*securityhub*"
}

[Failed to fix the error? We are here for you]

 

Conclusion

In short, we saw how our Support Techs fix the AWS Config Error for our customers.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. CloudWatch agent won’t start on Windows Server – How to fix
  2. Resolve : Issue with SNS notification for CloudWatch alarm trigger
  3. Amazon CloudWatch agent won’t start – How to fix?
  4. Resolve: dockertimeouterror unable transition start timeout after wait 3m0s

Never again lose customers to poor
server speed! Let us help you.

GET STARTED