AWS Resource Explorer FAQs

General

AWS Resource Explorer is a managed capability that makes it quicker to search and discover your AWS resources across AWS Regions and accounts. You can start your search from the unified search bar in the AWS Management Console or the AWS Resource Explorer console, or use the AWS Command Line Interface (CLI) or the AWS SDKs. From the results returned, you can navigate directly to the appropriate service console and Region to work with that resource. You can further explore the results to filter through your resources using application identifiers, tags, service types, and other metadata.

By using AWS Resource Explorer, you can save time, money, and effort by discovering your resources across AWS Regions and accounts without manually constructing and maintaining resource inventories. AWS Resource Explorer does not require you to learn a query language or construct complex queries, so you can find your resources even if you do not know exactly which resource you’re searching for or in which AWS Region or account it is in. Results are sorted with the most relevant results at the top. You can learn more in our documentation.

AWS Resource Explorer supports resources with Amazon Resource Names (ARNs), such as Amazon Elastic Compute Cloud (EC2) instances, Amazon Kinesis data streams, and Amazon DynamoDB tables. A full list of supported resources is available in our documentation or accessible from the ListSupportedResourceTypes API.

To get started, you must turn on and set up AWS Resource Explorer in your account. Next, use freeform text and filters to search for your resources using unified search from the AWS Management Console or the AWS Resource Explorer console, or use the AWS CLI or the AWS SDKs. You can use AWS Resource Explorer to discover untagged resources, resources by Region, resources across accounts and resources by service type. To learn more about searching, see example Resource Explorer search queries.

Yes, with AWS Resource Explorer, you can search for resources across AWS Regions with a single search. To do so, you must search a view that has been configured in the Region that is your aggregator index. Read more about aggregator indexes.

Yes. You can configure AWS Resource Explorer across all accounts in your AWS Organization through AWS CloudFormation or AWS Systems Manager Quick Setup. Once configured, you can assign a Delegate Administrator and create multi-account views for your entire organization or for a specific organizational unit (OU). Multi-account views can then be shared with others within your organization using AWS Resource Access Manager.

You can share your AWS Resource Explorer views with any AWS account with AWS Resource Access Manager (AWS RAM). If you are part of an organization in AWS Organizations and sharing within your organization is enabled, you can also share resources with OUs or your entire organization.

You can see where AWS Resource Explorer is available by visiting AWS Regional Services.

AWS Resource Explorer can be accessed through the SDKs listed on the AWS tools page. AWS Resource Explorer is supported by AWS Command Line Interface (AWS CLI), a unified tool for you to download, configure, and control multiple AWS services from the command line and automate them through scripts.

AWS Resource Explorer indexes resources from supported services in the AWS Regions that you specify. In the management console, Resource Explorer also fetches additional resource properties from services such as AWS Config, AWS Cost Explorer, AWS CloudControl API, and AWS CloudTrail, if enabled.

AWS Config provides inventory, full configuration history, and the ability to track configuration changes in an AWS account or AWS Organization. These capabilities enable compliance auditing, security analysis, resource-change tracking, and troubleshooting. By using Resource Explorer, you can search for and find relevant AWS resources using application identifiers, basic resource metadata, and tags from anywhere in the AWS Management Console. If you already have AWS Config enabled or you enable it, you’ll be able to see compliance and configuration data in Resource Explorer.

By using the Quick setup to turn on AWS Resource Explorer, searching for resources in the unified search bar is automatically enabled. If you use Advanced setup, you must ensure that you have specified an aggregator index Region and configured a default view to that Region. To learn more about unified search, see the unified search launch announcement.

AWS Resource Explorer is eventually consistent. AWS Resource Explorer achieves high availability by replicating data across multiple servers within Amazon data centers around the world. If a request to change some data is successful, the change is committed and safely stored. However, the change must then be replicated across AWS Resource Explorer, which can take up to 36 hours.

Security

AWS Resource Explorer indexes and processes only resource metadata such as Amazon Resource Number (ARN), Resource ID, and Region. It does not handle any customer data.

You control the data that is searchable in AWS Resource Explorer. You define which resources are visible in your AWS Resource Explorer views by using filters such as tag name and value, AWS Region, and service or resource type. For example, you can limit a view to search a specific application’s resources in a specific set of Regions, so users see resources that apply only to them.

When you turn on AWS Resource Explorer, you choose the AWS Regions to index. AWS Resource Explorer stores data about a Region’s resources only in that Region. AWS Resource Explorer can move data outside of that Region only if you enable an optional aggregator index. This aggregator index receives resource information from other Regions indexed in your account.

Yes. For example searches to identify untagged and improperly tagged resources, see the AWS documentation.

To identify untagged and improperly tagged resources, AWS also recommends implementing a tagging strategy in addition to using AWS Resource Explorer. See the AWS documentation on tagging best practices. To also manage tags on untagged and improperly tagged resources that you discover with AWS Resource Explorer, you can use the AWS Management Console, AWS Resource Groups Tag Editor, or the AWS Resource Groups Tagging API.

Pricing

No additional charge is incurred for using Resource Explorer. If enabled, some features in the Resource Explorer console are dependent on other AWS services, such as AWS Config, which are billed separately.