Locale selector icon
Feb202027

Deprecation of AWS Config Items Collection and Reporting

After careful consideration, the CloudHealth product team has decided to end-of-life AWS Config Items reporting. Specifically, the AWS Config event tracking (Reports > Governance > AWS Config) and per resource config event mapping on the AWS Config tab of the asset details pages (Assets > By Service > AWS > EC2 > Instances > [Resource-Id]) are being impacted. These reports will be removed from the platform on March 25, 2020. AWS Config Rules and Evaluation Results reporting will remain unaffected.

Based on an extensive analysis, we determined that due to low feature adoption and limited value-add for our customers, it would benefit the vast majority of our users to free up the engineering resources committed to the upkeep of these reports. As a result, our engineering resources will shift focus to expanding and improving our compliance reporting based on Config Rules and Evaluation Results.

Please reach out to aws-config-deprecation@groups.vmware.com for any questions or concerns regarding this announcement.

Update Your IAM Policy Permissions — Action Required

We’re in the process of upgrading the logic to verify bucket public accessibility through AWS. There is an additional permission that you need to add to your IAM policy associated with our assumed role:

  • s3:GetBucketPolicyStatus

Learn more about updating AWS account policies in this Help Center article.

Update to EC2 Custom CloudWatch Namespaces — Perl Scripts

As previously announced, we added support for collecting EC2 disk and memory metrics pushed by the CloudWatch agent to any of the following custom Namespaces:

  • CWAgent

  • System/Linux

  • System/Windows

This week, we made it more useful by adding support for collecting EC2 disk and memory metrics pushed by PERL scripts to any of the aforementioned custom Namespaces. You can enable this integration by selecting the appropriate Namespaces on the CloudHealth Account Setup Page.

Once an account has Namespaces, the data will appear in CloudHealth for use in functionality such as EC2 Rightsizing. If you haven’t already been using our CloudWatch integration, you’ll also need to enable the CloudWatch integration and provide the following IAM permissions to our assumed role:

  • cloudwatch:GetMetricData

  • cloudwatch:ListMetrics

Learn more about the custom CloudWatch Namespaces integration in this Help Center article.