AWS Config aggregator advanced SQL-like query using Python and boto3. These advanced queries are much more efficient than previous Config query methods.

config_aggreg_adv_query.py

#!/usr/bin/env python3

# Example usage from shell:
#
#     AWS_PROFILE=organization-management-account AGGREGATOR_NAME=my-config-aggregator python ~/tmp/config_aggreg_adv_query.py
#

import os
import json
import boto3

config = boto3.client("config")


# Load aggregator name from environment variable. Or, if only one aggregator exists in the current
# region, use that aggregator by default
aggregator_name = os.environ.get("AGGREGATOR_NAME", "")
if not aggregator_name:
    aggregators = config.describe_configuration_aggregators()[
        "ConfigurationAggregators"
    ]
    if len(aggregators) != 1:
        raise Exception(
            "ERROR - specify Config aggregator name using environment variable 'AGGREGATOR_NAME'. List available"
            " aggregators with aws-cli: aws configservice describe-configuration-aggregators"
        )
    aggregator_name = aggregators[0]["ConfigurationAggregatorName"]


query_expression = """
SELECT
  *,
  configuration
WHERE
  resourceType = 'AWS::EC2::Instance'
  AND tags.key = 'app'
"""
for pg in config.get_paginator("select_aggregate_resource_config").paginate(
    Expression=query_expression,
    ConfigurationAggregatorName=aggregator_name,
    MaxResults=3,
):
    for r_json in pg["Results"]:
        r = json.loads(r_json)
        print(json.dumps(r, default=str, indent=2))