Help Center/ Config/ User Guide/ Resource Aggregation/ Creating a Resource Aggregator
Updated on 2024-11-12 GMT+08:00
View PDF
Share

Creating a Resource Aggregator

Scenarios

You can create an account specific or organization specific aggregator.

To aggregate data from a source account, an account aggregator must obtain related authorization. For details, see Authorizing a Resource Aggregator Account.

To create an organization aggregator, you need the following permissions for Organizations:

  • organizations:organizations:get
  • organizations:accounts:list
  • organizations:delegatedAdministrators:list
  • organizations:trustedServices:enable
  • organizations:trustedServices:list

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner. Under Management & Governance, click Config.
  3. In the navigation pane on the left, choose Resource Aggregation > Aggregators.
  4. In the upper right corner, click Create Aggregator.
  5. On the Create Aggregator page, select Allow data replication and configure the aggregator name and source accounts.

    If you select Add individual account IDs for Source Type, enter account IDs and separate them with commas (,). If you select Add my organization, the resource aggregator automatically aggregates data from all member accounts that are in the normal state in the organization.

    Figure 1 Create Aggregator
    • An account specific aggregator can only aggregate data from accounts, so source account IDs must be specified. For details about how to obtain an account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
    • If you need to create an organization aggregator, you must use an organization management account or a delegated administrator account of Config and the Organizations service must be enabled. For details, see Specifying, Viewing, or Removing a Delegated Administrator. If an organization management account is used to create organization aggregators, Config will enable the integration with Organizations by using the enableTrustedService API. If a delegated administrator account of Config is used, Config will call the DelegatedAdministrators API to check whether the account used is valid.

  6. Click OK.
Parent topic: Resource Aggregation