# values in init_config are used globally; these credentials will be used for all AWS accounts
aws_access_key_id: '' # The AWS Access Key ID. Leave empty quotes if the Agent is running on an EC2 instance or ECS/EKS cluster with an IAM role
aws_secret_access_key: '' # The AWS Secret Access Key. Leave empty quotes if the Agent is running on an EC2 instance or ECS/EKS cluster with an IAM role
external_id: uniquesecret!1 # Set the same external ID when creating the CloudFormation stack in every account and region
# full_run_interval: 3600 # Time in seconds between a full AWS topology scan. Intermediate runs only fetch events. Is not required.
- role_arn: arn:aws:iam::123456789012:role/StackStateAwsIntegrationRole # Substitute 123456789012 with the target AWS account ID to read
regions: # The Agent will only attempt to find resources in regions specified below
- global # global is a special "region" for global resources such as Route53
min_collection_interval: 60 # The amount of time in seconds between each scan. Decreasing this value will not appreciably increase topology update speed.
# apis_to_run: # Optionally whitelist specific AWS services. It is not recommended to set this; instead rely on IAM permissions.
# log_bucket_name: '' # The S3 bucket that the agent should read events from. This value should only be set in custom implementations.