wesupport

Need help?

Our experts have had an average response time of 13.14 minutes in February 2024 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Delete AWS Config Rule – View, Delete & Troubleshoot

by | Jul 27, 2021

To delete AWS Config Rule, we need to go to the Rules page on the AWS Management Console

Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.

Today, let us see how we can delete AWS Config Rule and troubleshoot a related error.

 

Delete AWS Config Rule

On the Rules page, we can view the rules for the region in the account. In addition, we can see the evaluation status for each rule.

To view the rules:

  1. Initially, we sign in to the AWS Management Console and open the AWS Config console.
  2. Then we verify that the region selector is set to a region that supports AWS Config rules.
  3. Eventually, we select Rules.

It shows all the current rules in the AWS account. Also, it lists the name, associated remediation action, and compliance status.

To delete a rule:

  1. First, we select a rule from the table to delete.
  2. Then from the Actions dropdown list, we select the Delete rule.
  3. When we see a prompt, we type “Delete” (case-sensitive) and then select Delete.

 

How to troubleshoot a Common Error?

While we delete a config rule, it is quite possible for us to come across the following error:

“An error has occurred with AWS Config.”

Moving ahead, our Support Techs recommend few steps to troubleshoot this error from occurring.

The AWS IAM entity has permissions for the DeleteConfigRule API action

  1. We open the IAM console, and then in the navigation pane select, Users or Roles.
  2. Then we select the user or role we used to delete the AWS Config rule, and expand Permissions policies.
  3. Here, we select JSON.
  4. After that, we confirm that the IAM policy allows permissions for the DeleteConfigRule API action.

The IAM entity permission boundary allows the DeleteConfigRule API action

In case the IAM entity has a permission boundary we need to make sure it allows the DeleteConfigRule API action.

  1. To do so, we select the IAM console, and then in the navigation pane > Users or Roles.
  2. We select the user or role that we used to delete the AWS Config rule.
  3. Then we expand the Permissions boundary to select JSON.
  4. Later, we confirm that the IAM policy allows permissions for the DeleteConfigRule API action.

The service control policy (SCP) allows the DeleteConfigRule API action

  1. Open the AWS Organizations console using the management account.
  2. In Account name, we select the AWS account.
  3. In Policies, we expand Service control policies and note the SCP policies that are attached.
  4. Then from the top of the page, we select Policies.
  5. We select the policy and then select View details.
  6. Then we confirm that the policy allows the DeleteConfigRule API action.

The rule isn’t a service-linked rule

When we enable a security standard, AWS Security Hub creates AWS Config service-linked rules.

We can’t delete these service-linked rules using AWS Config.

No remediation actions are in progress

It is not possible for us to delete rules that have remediation actions in progress.

In such a case, we follow the instructions to delete the remediation action that associates with that rule.

Then, we try to delete the Config rule again.

[Need help with the process? We’d be happy to assist you]

 

Conclusion

To conclude, here we saw how our Support Techs go about deleting Config Rule in AWS.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Categories

Tags