diff --git a/modules/config_aggregator/README.md b/modules/config_aggregator/README.md
new file mode 100644
index 0000000..36338f0
--- /dev/null
+++ b/modules/config_aggregator/README.md
@@ -0,0 +1,73 @@
+
+# Config Aggregator Submodule for IBM Cloud App Configuration
+
+This submodule provisions an IBM Cloud Config Aggregator that collects and centralizes configuration data across an enterprise. It integrates with App Configuration and uses IBM IAM trusted profiles and templates to enable secure, scoped access to configuration insights across regions and accounts.
+
+## Purpose
+
+The `config_aggregator` module is designed to set up a configuration aggregator for your App Configuration instance, scoped either to a single account or to an IBM Cloud Enterprise. It helps consolidate resources and enforce policies across a multi-account environment by leveraging IAM Trusted Profiles and Templates.
+
+## Use Case
+
+Use this module when you want to:
+
+- Enable centralized collection of resource metadata.
+- Apply IAM templates and trusted profiles to configure access.
+- Scope configuration insights to your enterprise.
+- Automatically enable resource collection across all regions.
+
+## Example Usage
+
+```hcl
+module "config_aggregator" {
+ source = "../../modules/config_aggregator"
+
+ app_config_instance_guid = module.app_config.app_config_guid
+ region = var.region
+ enterprise_id = var.enterprise_id
+ general_trusted_profile_id = module.trusted_profiles.trusted_profile_app_config_general.profile_id
+ enterprise_trusted_profile_id = module.trusted_profiles.trusted_profile_app_config_enterprise.profile_id
+ trusted_profile_template_id = module.trusted_profiles.trusted_profile_template_id
+}
+```
+
+## Inputs
+
+| Name | Description | Type | Required |
+|------------------------------|-----------------------------------------------------------------------------|--------|----------|
+| `app_config_instance_guid` | GUID of the IBM App Configuration instance | string | yes |
+| `region` | IBM Cloud region where the App Config and aggregator are deployed | string | yes |
+| `enterprise_id` | Enterprise ID used to scope the aggregator and profile templates | string | yes |
+| `general_trusted_profile_id`| Trusted profile ID for general collection access | string | yes |
+| `enterprise_trusted_profile_id` | Trusted profile ID used for enterprise-level scoped access | string | yes |
+| `trusted_profile_template_id`| Template ID used to assign profiles to account groups | string | yes |
+
+## Outputs
+
+None currently.
+
+## Resources Created
+
+- `ibm_config_aggregator_settings` — The main resource that defines configuration aggregation settings.
+
+## Behavior
+
+This submodule enables the following behavior:
+
+- **Resource collection** is enabled by default.
+- **All regions** are included in the resource collection.
+- **Enterprise scope** is configured through `additional_scope`, using the provided `enterprise_id`, `trusted_profile_template_id`, and `enterprise_trusted_profile_id`.
+
+## Related Documentation
+
+- [IBM Cloud App Configuration Documentation](https://cloud.ibm.com/docs/app-configuration)
+- [Terraform IBM Provider](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/resources/config_aggregator_settings)
+
+## Notes
+
+- Ensure that the `trusted_profile_template_id` and both trusted profile IDs are correctly created and propagated before using this module.
+- This submodule should be used as part of a larger stack that includes trusted profile and App Configuration provisioning.
+
+---
+
+© IBM Corporation 2024
diff --git a/modules/config_aggregator/main.tf b/modules/config_aggregator/main.tf
new file mode 100644
index 0000000..227aeba
--- /dev/null
+++ b/modules/config_aggregator/main.tf
@@ -0,0 +1,19 @@
+
+resource "ibm_config_aggregator_settings" "scc_wp_aggregator" {
+ instance_id = var.app_config_instance_guid
+ region = var.region
+ resource_collection_enabled = true
+ resource_collection_regions = ["all"]
+ trusted_profile_id = var.general_trusted_profile_id
+
+ additional_scope {
+ type = "Enterprise"
+ enterprise_id = var.enterprise_id
+
+ profile_template {
+ id = var.trusted_profile_template_id
+ trusted_profile_id = var.enterprise_trusted_profile_id
+ }
+ }
+}
+
diff --git a/modules/config_aggregator/outputs.tf b/modules/config_aggregator/outputs.tf
new file mode 100644
index 0000000..c7802a2
--- /dev/null
+++ b/modules/config_aggregator/outputs.tf
@@ -0,0 +1,9 @@
+output "config_aggregator_instance_id" {
+ description = "App Config instance ID used for aggregation"
+ value = var.app_config_instance_guid
+}
+output "scc_wp_config_aggregator_id" {
+ description = "ID of the SCC-WP Config Aggregator"
+ value = ibm_config_aggregator_settings.scc_wp_aggregator.id
+}
+
diff --git a/modules/config_aggregator/variables.tf b/modules/config_aggregator/variables.tf
new file mode 100644
index 0000000..da52518
--- /dev/null
+++ b/modules/config_aggregator/variables.tf
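Review bot: Collection scope is hard-coded at its widest in `scc_wp_aggregator`: `resource_collection_regions = ["all"]` plus an unconditional `additional_scope` of type `"Enterprise"`. A caller therefore cannot restrict the aggregator to one account or to a subset of regions, although the README added in this commit describes single-account scoping. For least privilege I would take the regions from a variable that defaults to `["all"]` and emit `additional_scope` only when `enterprise_id` is set. That requires `enterprise_id` and the two enterprise-related IDs in variables.tf to accept `null`, and the sketch below assumes a new `resource_collection_regions` variable.

```hcl
resource "ibm_config_aggregator_settings" "scc_wp_aggregator" {
  # … unchanged: instance_id, region, resource_collection_enabled …
  resource_collection_regions = var.resource_collection_regions
  # … unchanged: trusted_profile_id …

  # Enterprise-wide scope is opt-in: omitted when no enterprise_id is supplied.
  dynamic "additional_scope" {
    for_each = var.enterprise_id == null ? [] : [var.enterprise_id]
    content {
      type          = "Enterprise"
      enterprise_id = additional_scope.value

      profile_template {
        id                 = var.trusted_profile_template_id
        trusted_profile_id = var.enterprise_trusted_profile_id
      }
    }
  }
}
```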
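Review bot: `config_aggregator_instance_id` returns `var.app_config_instance_guid` directly, so anything consuming that output gets no dependency on the aggregator settings resource and may be applied before collection is configured. Reading the value back from the resource, `value = ibm_config_aggregator_settings.scc_wp_aggregator.instance_id`, makes the ordering explicit. The README added in the same commit still says "None currently" under Outputs and should list both outputs.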
@@ -0,0 +1,29 @@
+variable "app_config_instance_guid" {
+ type = string
+ description = "GUID of the App Configuration instance"
+}
+
+variable "region" {
+ type = string
+ description = "Region where the Config Aggregator will be deployed"
+}
+
+variable "enterprise_id" {
+ type = string
+ description = "Enterprise ID to scope the Config Aggregator"
+}
+
+variable "trusted_profile_template_id" {
+ type = string
+ description = "Trusted Profile Template ID used for additional scope"
+}
+
+variable "enterprise_trusted_profile_id" {
+ type = string
+ description = "Trusted Profile ID used to authorize resource collection scoping"
+}
+
+variable "general_trusted_profile_id" {
+ type = string
+ description = "Trusted Profile ID used to authorize resource collection"
+}
diff --git a/modules/config_aggregator/version.tf b/modules/config_aggregator/version.tf
new file mode 100644
index 0000000..69cef2e
--- /dev/null
+++ b/modules/config_aggregator/version.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_providers {
+ ibm = {
+ source = "ibm-cloud/ibm"
+ version = ">= 1.65.0, < 2.0.0"
+ }
+ }
+}
+
diff --git a/outputs.tf b/outputs.tf
index 6046a45..fc63894 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,6 +1,10 @@
 ########################################################################################################################
 # Outputs
 ########################################################################################################################
+output "app_config_crn" {
+ description = "The CRN of the App Configuration instance"
+ value = ibm_resource_instance.app_config.crn
+}
 output "app_config_guid" {
 description = "GUID of the App Configuration instance"
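Review bot: `general_trusted_profile_id` and `enterprise_trusted_profile_id` are both free-form strings with near-identical descriptions, so swapping them would pass planning and attach the wrong profile to the wrong scope. I would make each description state the scope that profile grants, for example `description = "Trusted profile the aggregator uses to collect resources in this account"` for the general one, with the wording confirmed against the trusted_profiles module, which is not part of this diff. None of the six variables carries a `validation` block; each ID should at least reject empty input with a check such as `condition = length(trimspace(var.enterprise_id)) > 0`.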
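Review bot: The constraint `>= 1.65.0, < 2.0.0` admits every 1.x provider release from 1.65.0, and nothing in this diff shows that `ibm_config_aggregator_settings` with `additional_scope` exists that far back. The lower bound should be the first release that ships the resource, so that an older provider fails at `init` rather than at plan. The block also has no `required_version`; something like `required_version = ">= <minimum tested Terraform version>"` would pin the core side. With a range this wide, a committed `.terraform.lock.hcl` in the consuming root is what actually fixes the provider build and its checksums.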