Most AWS account users sometimes experience the error message "An error has occurred with AWS Config" after enabling AWS Security Hub. AWS Security Hub helps manage and display security alerts for an associated AWS account.
As part of our Server Support Services, we have helped customers solve AWS-related issues.
In this context, we will look into why this issue occurs and how to resolve it.
When this error occurs, you will see a message such as:
An error has occurred with AWS Config. Contact AWS Support
The main causes of this error are duplicate accounts and permission issues.
AWS resources are managed through AWS Identity and Access Management (IAM), a web service that securely controls access to AWS resources.
When an action is carried out by an IAM identity that lacks the necessary permissions, an error can be triggered. Where a duplicate account exists, an AWS Config resource type known as an aggregator, which houses AWS Config configuration and data from multiple accounts, will throw an error.
To solve this error, check that AWS Config is activated at the same AWS level as Security Hub. This can be set manually in the AWS Config console.
Additionally, you can monitor the AWS CloudTrail log data using Amazon CloudWatch log filter patterns.
To fix permission issues, ensure that AWS Security Hub is fully assigned the expected roles so that it can assume full permissions to AWS services. You can apply the following attributes in AWS Config:
{
    "Effect": "Allow",
    "Action": [
        "config:PutConfigRule",
        "config:DeleteConfigRule",
        "config:GetComplianceDetailsByConfigRule",
        "config:DescribeConfigRuleEvaluationStatus"
    ],
    "Resource": "arn:aws:config:*:*:config-rule/aws-service-rule/*securityhub*"
}
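The following is an added example, not part of the original article: an offline check that a policy document grants the four Config actions from the statement above on a Security Hub rule ARN, including the case where an explicit Deny cancels an Allow. The sample ARN, the sample policies and the function names are constructed for illustration, and NotAction, NotResource and Condition elements are not evaluated.

```python
import re

# Actions and Resource pattern copied from the policy statement on this page.
REQUIRED_ACTIONS = [
    "config:PutConfigRule",
    "config:DeleteConfigRule",
    "config:GetComplianceDetailsByConfigRule",
    "config:DescribeConfigRuleEvaluationStatus",
]
PAGE_RESOURCE = "arn:aws:config:*:*:config-rule/aws-service-rule/*securityhub*"
# Constructed rule ARN (made-up region, account ID and rule name).
SAMPLE_RULE_ARN = ("arn:aws:config:us-east-1:111122223333:config-rule/"
                   "aws-service-rule/securityhub.amazonaws.com/securityhub-example")

def _as_list(value):
    # IAM accepts a single string/object or a list for these fields.
    return value if isinstance(value, list) else [value]

def _glob(pattern, value, flags=0):
    # IAM wildcards: * matches any run of characters, ? matches one character.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def missing_actions(policy, resource_arn=SAMPLE_RULE_ARN):
    """Return the required actions the policy does not grant on resource_arn.

    Simplification: NotAction, NotResource and Condition are not evaluated.
    """
    allowed, denied = set(), set()
    for stmt in _as_list(policy.get("Statement", [])):
        if not any(_glob(r, resource_arn) for r in _as_list(stmt.get("Resource", []))):
            continue  # statement does not cover the rule ARN
        for action in REQUIRED_ACTIONS:
            # Action names are matched case-insensitively.
            if any(_glob(a, action, re.IGNORECASE) for a in _as_list(stmt.get("Action", []))):
                (allowed if stmt.get("Effect") == "Allow" else denied).add(action)
    # An explicit Deny overrides any Allow.
    return [a for a in REQUIRED_ACTIONS if a not in allowed or a in denied]

# Constructed sample policies.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": REQUIRED_ACTIONS, "Resource": PAGE_RESOURCE}]}
READ_ONLY_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["config:Get*", "config:Describe*"], "Resource": "*"}]}
DENY_POLICY = {"Version": "2012-10-17", "Statement": PAGE_POLICY["Statement"] + [
    {"Effect": "Deny", "Action": "config:DeleteConfigRule", "Resource": "*"}]}

if __name__ == "__main__":
    for name, pol in [("page", PAGE_POLICY), ("read-only", READ_ONLY_POLICY),
                      ("deny", DENY_POLICY)]:
        print(name, "->", missing_actions(pol) or "all required actions granted")
```

An empty result means the policy covers every action in the statement; any action listed is one Security Hub would be refused when managing its Config rules.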
This is an easy way to fix the error "An error has occurred with AWS Config".