SdkInternalList<T> accountIds
The 12-digit account ID of the account being aggregated.
Boolean allAwsRegions
If true, aggregate existing AWS Config regions and future regions.
SdkInternalList<T> awsRegions
The source regions being aggregated.
String configRuleName
The name of the AWS Config rule.
Compliance compliance
Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.
String accountId
The 12-digit account ID of the source account.
String awsRegion
The source region from where the data is aggregated.
String groupName
The 12-digit account ID or region based on the GroupByKey value.
ComplianceSummary complianceSummary
The number of compliant and noncompliant AWS Config rules.
String sourceId
The source account ID or an organization.
String sourceType
The source account or an organization.
String awsRegion
The region authorized to collect aggregated data.
String lastUpdateStatus
Filters the last updated status type.
Valid value FAILED indicates errors while moving data.
Valid value SUCCEEDED indicates the data was successfully moved.
Valid value OUTDATED indicates the data is not the most recent.
Date lastUpdateTime
The time of the last update.
String lastErrorCode
The error code that AWS Config returned when the source account aggregation last failed.
String lastErrorMessage
The message indicating that the source account aggregation failed due to an error.
EvaluationResultIdentifier evaluationResultIdentifier
Uniquely identifies the evaluation result.
String complianceType
The resource compliance status.
For the AggregationEvaluationResult data type, AWS Config supports only the COMPLIANT
and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE and
INSUFFICIENT_DATA value.
Date resultRecordedTime
The time when AWS Config recorded the aggregate evaluation result.
Date configRuleInvokedTime
The time when the AWS Config rule evaluated the AWS resource.
String annotation
Supplementary information about how the agrregate evaluation determined the compliance.
String accountId
The 12-digit account ID of the source account.
String awsRegion
The source region from where the data is aggregated.
String sourceAccountId
The 12-digit account ID of the source account.
String sourceRegion
The source region where data is aggregated.
String resourceId
The ID of the AWS resource.
String resourceType
The type of the AWS resource.
String resourceName
The name of the AWS resource.
String aggregationAuthorizationArn
The Amazon Resource Name (ARN) of the aggregation object.
String authorizedAccountId
The 12-digit account ID of the account authorized to aggregate data.
String authorizedAwsRegion
The region authorized to collect aggregated data.
Date creationTime
The time stamp when the aggregation authorization was created.
String version
The version number of the resource configuration.
String accountId
The 12-digit AWS account ID associated with the resource.
Date configurationItemCaptureTime
The time when the configuration recording was initiated.
String configurationItemStatus
The configuration item status.
String configurationStateId
An identifier that indicates the ordering of the configuration items of a resource.
String arn
The Amazon Resource Name (ARN) of the resource.
String resourceType
The type of AWS resource.
String resourceId
The ID of the resource (for example., sg-xxxxxx).
String resourceName
The custom name of the resource, if available.
String awsRegion
The region where the resource resides.
String availabilityZone
The Availability Zone associated with the resource.
Date resourceCreationTime
The time stamp when the resource was created.
String configuration
The description of the resource configuration.
Map<K,V> supplementaryConfiguration
Configuration attributes that AWS Config returns for certain resource types to supplement the information returned for the configuration parameter.
String configurationAggregatorName
The name of the configuration aggregator.
SdkInternalList<T> resourceIdentifiers
A list of aggregate ResourceIdentifiers objects.
SdkInternalList<T> baseConfigurationItems
A list that contains the current configuration of one or more resources.
SdkInternalList<T> unprocessedResourceIdentifiers
A list of resource identifiers that were not processed with current scope. The list is empty if all the resources are processed.
SdkInternalList<T> resourceKeys
A list of resource keys to be processed with the current request. Each element in the list consists of the resource type and resource ID.
SdkInternalList<T> baseConfigurationItems
A list that contains the current configuration of one or more resources.
SdkInternalList<T> unprocessedResourceKeys
A list of resource keys that were not processed with the current response. The unprocessesResourceKeys value is in the same form as ResourceKeys, so the value can be directly provided to a subsequent BatchGetResourceConfig operation. If there are no unprocessed resource keys, the response contains an empty unprocessedResourceKeys list.
String complianceType
Indicates whether an AWS resource or AWS Config rule is compliant.
A resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.
A rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.
AWS Config returns the INSUFFICIENT_DATA value when no evaluation results are available for the AWS
resource or AWS Config rule.
For the Compliance data type, AWS Config supports only COMPLIANT,
NON_COMPLIANT, and INSUFFICIENT_DATA values. AWS Config does not support the
NOT_APPLICABLE value for the Compliance data type.
ComplianceContributorCount complianceContributorCount
The number of AWS resources or AWS Config rules that cause a result of NON_COMPLIANT, up to a
maximum number.
String configRuleName
The name of the AWS Config rule.
Compliance compliance
Indicates whether the AWS Config rule is compliant.
String resourceType
The type of the AWS resource that was evaluated.
String resourceId
The ID of the AWS resource that was evaluated.
Compliance compliance
Indicates whether the AWS resource complies with all of the AWS Config rules that evaluated it.
ComplianceContributorCount compliantResourceCount
The number of AWS Config rules or AWS resources that are compliant, up to a maximum of 25 for rules and 100 for resources.
ComplianceContributorCount nonCompliantResourceCount
The number of AWS Config rules or AWS resources that are noncompliant, up to a maximum of 25 for rules and 100 for resources.
Date complianceSummaryTimestamp
The time that AWS Config created the compliance summary.
String resourceType
The type of AWS resource.
ComplianceSummary complianceSummary
The number of AWS resources that are compliant or noncompliant, up to a maximum of 100 for each.
String lastStatus
Status of the last attempted delivery.
String lastErrorCode
The error code from the last attempted delivery.
String lastErrorMessage
The error message from the last attempted delivery.
Date lastAttemptTime
The time of the last attempted delivery.
Date lastSuccessfulTime
The time of the last successful delivery.
Date nextDeliveryTime
The time that the next delivery occurs.
String configRuleName
The name that you assign to the AWS Config rule. The name is required if you are adding a new rule.
String configRuleArn
The Amazon Resource Name (ARN) of the AWS Config rule.
String configRuleId
The ID of the AWS Config rule.
String description
The description that you provide for the AWS Config rule.
Scope scope
Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.
Source source
Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
String inputParameters
A string, in JSON format, that is passed to the AWS Config rule Lambda function.
String maximumExecutionFrequency
The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for
MaximumExecutionFrequency when:
You are using an AWS managed rule that is triggered at a periodic frequency.
Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.
By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid
value for the MaximumExecutionFrequency parameter.
String configRuleState
Indicates whether the AWS Config rule is active or is currently being deleted by AWS Config. It can also indicate the evaluation status for the AWS Config rule.
AWS Config sets the state of the rule to EVALUATING temporarily after you use the
StartConfigRulesEvaluation request to evaluate your resources against the AWS Config rule.
AWS Config sets the state of the rule to DELETING_RESULTS temporarily after you use the
DeleteEvaluationResults request to delete the current evaluation results for the AWS Config rule.
AWS Config temporarily sets the state of a rule to DELETING after you use the
DeleteConfigRule request to delete the rule. After AWS Config deletes the rule, the rule and all of
its evaluations are erased and are no longer available.
String createdBy
Service principal name of the service that created the rule.
The field is populated only if the service linked rule is created by a service. The field is empty if you create your own rule.
String configRuleName
The name of the AWS Config rule.
String complianceType
The rule compliance status.
For the ConfigRuleComplianceFilters data type, AWS Config supports only COMPLIANT and
NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE and the
INSUFFICIENT_DATA values.
String accountId
The 12-digit account ID of the source account.
String awsRegion
The source region where the data is aggregated.
String configRuleName
The name of the AWS Config rule.
String configRuleArn
The Amazon Resource Name (ARN) of the AWS Config rule.
String configRuleId
The ID of the AWS Config rule.
Date lastSuccessfulInvocationTime
The time that AWS Config last successfully invoked the AWS Config rule to evaluate your AWS resources.
Date lastFailedInvocationTime
The time that AWS Config last failed to invoke the AWS Config rule to evaluate your AWS resources.
Date lastSuccessfulEvaluationTime
The time that AWS Config last successfully evaluated your AWS resources against the rule.
Date lastFailedEvaluationTime
The time that AWS Config last failed to evaluate your AWS resources against the rule.
Date firstActivatedTime
The time that you first activated the AWS Config rule.
String lastErrorCode
The error code that AWS Config returned when the rule last failed.
String lastErrorMessage
The error message that AWS Config returned when the rule last failed.
Boolean firstEvaluationStarted
Indicates whether AWS Config has evaluated your resources against the rule at least once.
true - AWS Config has evaluated your AWS resources against the rule at least once.
false - AWS Config has not once finished evaluating your AWS resources against the rule.
String deliveryFrequency
The frequency with which AWS Config delivers configuration snapshots.
String lastStatus
Status of the last attempted delivery.
Note Providing an SNS topic on a DeliveryChannel for AWS Config is optional. If the SNS delivery is turned off, the last status will be Not_Applicable.
String lastErrorCode
The error code from the last attempted delivery.
String lastErrorMessage
The error message from the last attempted delivery.
Date lastStatusChangeTime
The time from the last status change.
String configurationAggregatorName
The name of the aggregator.
String configurationAggregatorArn
The Amazon Resource Name (ARN) of the aggregator.
SdkInternalList<T> accountAggregationSources
Provides a list of source accounts and regions to be aggregated.
OrganizationAggregationSource organizationAggregationSource
Provides an organization and list of regions to be aggregated.
Date creationTime
The time stamp when the configuration aggregator was created.
Date lastUpdatedTime
The time of the last update.
String version
The version number of the resource configuration.
String accountId
The 12-digit AWS account ID associated with the resource.
Date configurationItemCaptureTime
The time when the configuration recording was initiated.
String configurationItemStatus
The configuration item status.
String configurationStateId
An identifier that indicates the ordering of the configuration items of a resource.
String configurationItemMD5Hash
Unique MD5 hash that represents the configuration item's state.
You can use MD5 hash to compare the states of two or more configuration items that are associated with the same resource.
String arn
accoun
String resourceType
The type of AWS resource.
String resourceId
The ID of the resource (for example, sg-xxxxxx).
String resourceName
The custom name of the resource, if available.
String awsRegion
The region where the resource resides.
String availabilityZone
The Availability Zone associated with the resource.
Date resourceCreationTime
The time stamp when the resource was created.
Map<K,V> tags
A mapping of key value tags associated with the resource.
SdkInternalList<T> relatedEvents
A list of CloudTrail event IDs.
A populated field indicates that the current configuration was initiated by the events recorded in the CloudTrail log. For more information about CloudTrail, see What Is AWS CloudTrail.
An empty field indicates that the current configuration was not initiated by any event.
SdkInternalList<T> relationships
A list of related AWS resources.
String configuration
The description of the resource configuration.
Map<K,V> supplementaryConfiguration
Configuration attributes that AWS Config returns for certain resource types to supplement the information
returned for the configuration parameter.
String name
The name of the recorder. By default, AWS Config automatically assigns the name "default" when creating the configuration recorder. You cannot change the assigned name.
String roleARN
Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
RecordingGroup recordingGroup
Specifies the types of AWS resources for which AWS Config records configuration changes.
String name
The name of the configuration recorder.
Date lastStartTime
The time the recorder was last started.
Date lastStopTime
The time the recorder was last stopped.
Boolean recording
Specifies whether or not the recorder is currently recording.
String lastStatus
The last (previous) status of the recorder.
String lastErrorCode
The error code indicating that the recording failed.
String lastErrorMessage
The message indicating that the recording failed due to an error.
Date lastStatusChangeTime
The time when the status was last changed.
String configRuleName
The name of the AWS Config rule that you want to delete.
String configurationAggregatorName
The name of the configuration aggregator.
String configurationRecorderName
The name of the configuration recorder to be deleted. You can retrieve the name of your configuration recorder by
using the DescribeConfigurationRecorders action.
String deliveryChannelName
The name of the delivery channel to delete.
String configRuleName
The name of the AWS Config rule for which you want to delete the evaluation results.
String organizationConfigRuleName
String retentionConfigurationName
The name of the retention configuration to delete.
String deliveryChannelName
The name of the delivery channel through which the snapshot is delivered.
String configSnapshotId
The ID of the snapshot that is being created.
String name
The name of the delivery channel. By default, AWS Config assigns the name "default" when creating the delivery channel. To change the delivery channel name, you must use the DeleteDeliveryChannel action to delete your current delivery channel, and then you must use the PutDeliveryChannel command to create a delivery channel that has the desired name.
String s3BucketName
The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
If you specify a bucket that belongs to another AWS account, that bucket must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon S3 Bucket in the AWS Config Developer Guide.
String s3KeyPrefix
The prefix for the specified Amazon S3 bucket.
String snsTopicARN
The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
If you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon SNS Topic in the AWS Config Developer Guide.
ConfigSnapshotDeliveryProperties configSnapshotDeliveryProperties
The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.
String name
The name of the delivery channel.
ConfigExportDeliveryInfo configSnapshotDeliveryInfo
A list containing the status of the delivery of the snapshot to the specified Amazon S3 bucket.
ConfigExportDeliveryInfo configHistoryDeliveryInfo
A list that contains the status of the delivery of the configuration history to the specified Amazon S3 bucket.
ConfigStreamDeliveryInfo configStreamDeliveryInfo
A list containing the status of the delivery of the configuration stream notification to the specified Amazon SNS topic.
String configurationAggregatorName
The name of the configuration aggregator.
ConfigRuleComplianceFilters filters
Filters the results by ConfigRuleComplianceFilters object.
Integer limit
The maximum number of evaluation results returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> aggregateComplianceByConfigRules
Returns a list of AggregateComplianceByConfigRule object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
Integer limit
The maximum number of AggregationAuthorizations returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> aggregationAuthorizations
Returns a list of authorizations granted to various aggregator accounts and regions.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> configRuleNames
Specify one or more AWS Config rule names to filter the results by rule.
SdkInternalList<T> complianceTypes
Filters the results by compliance.
The allowed values are COMPLIANT and NON_COMPLIANT.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> complianceByConfigRules
Indicates whether each of the specified AWS Config rules is compliant.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String resourceType
The types of AWS resources for which you want compliance information (for example,
AWS::EC2::Instance). For this action, you can specify that the resource type is an AWS account by
specifying AWS::::Account.
String resourceId
The ID of the AWS resource for which you want compliance information. You can specify only one resource ID. If
you specify a resource ID, you must also specify a type for ResourceType.
SdkInternalList<T> complianceTypes
Filters the results by compliance.
The allowed values are COMPLIANT, NON_COMPLIANT, and INSUFFICIENT_DATA.
Integer limit
The maximum number of evaluation results returned on each page. The default is 10. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> complianceByResources
Indicates whether the specified AWS resource complies with all of the AWS Config rules that evaluate it.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
SdkInternalList<T> configRuleNames
The name of the AWS managed Config rules for which you want status information. If you do not specify any names, AWS Config returns status information for all AWS managed Config rules that you use.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
Integer limit
The number of rule evaluation results that you want returned.
This parameter is required if the rule limit for your account is more than the default of 150 rules.
For information about requesting a rule limit increase, see AWS Config Limits in the AWS General Reference Guide.
SdkInternalList<T> configRulesEvaluationStatus
Status information about your AWS managed Config rules.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
SdkInternalList<T> configRuleNames
The names of the AWS Config rules for which you want details. If you do not specify any names, AWS Config returns details for all your rules.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> configRules
The details about your AWS Config rules.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String configurationAggregatorName
The name of the configuration aggregator.
SdkInternalList<T> updateStatus
Filters the status type.
Valid value FAILED indicates errors while moving data.
Valid value SUCCEEDED indicates the data was successfully moved.
Valid value OUTDATED indicates the data is not the most recent.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
Integer limit
The maximum number of AggregatorSourceStatus returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
SdkInternalList<T> aggregatedSourceStatusList
Returns an AggregatedSourceStatus object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> configurationAggregatorNames
The name of the configuration aggregators.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
Integer limit
The maximum number of configuration aggregators returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
SdkInternalList<T> configurationAggregators
Returns a ConfigurationAggregators object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> configurationRecorderNames
A list of configuration recorder names.
SdkInternalList<T> configurationRecorders
A list that contains the descriptions of the specified configuration recorders.
SdkInternalList<T> configurationRecorderNames
The name(s) of the configuration recorder. If the name is not specified, the action returns the current status of all the configuration recorders associated with the account.
SdkInternalList<T> configurationRecordersStatus
A list that contains status of the specified recorders.
SdkInternalList<T> deliveryChannelNames
A list of delivery channel names.
SdkInternalList<T> deliveryChannels
A list that contains the descriptions of the specified delivery channel.
SdkInternalList<T> deliveryChannelNames
A list of delivery channel names.
SdkInternalList<T> deliveryChannelsStatus
A list that contains the status of a specified delivery channel.
SdkInternalList<T> organizationConfigRuleNames
Integer limit
String nextToken
SdkInternalList<T> organizationConfigRules
String nextToken
SdkInternalList<T> organizationConfigRuleNames
Integer limit
String nextToken
SdkInternalList<T> organizationConfigRuleStatuses
String nextToken
Integer limit
The maximum number of evaluation results returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> pendingAggregationRequests
Returns a PendingAggregationRequests object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> configRuleNames
A list of AWS Config rule names of remediation configurations for which you want details.
SdkInternalList<T> remediationConfigurations
Returns a remediation configuration object.
String configRuleName
A list of AWS Config rule names.
SdkInternalList<T> resourceKeys
A list of resource keys to be processed with the current request. Each element in the list consists of the resource type and resource ID.
Integer limit
The maximum number of RemediationExecutionStatuses returned on each page. The default is maximum. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> remediationExecutionStatuses
Returns a list of remediation execution statuses objects.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> retentionConfigurationNames
A list of names of retention configurations for which you want details. If you do not specify a name, AWS Config returns details for all the retention configurations for that account.
Currently, AWS Config supports only one retention configuration per region in your account.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> retentionConfigurations
Returns a retention configuration object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
String complianceResourceType
The type of AWS resource that was evaluated.
String complianceResourceId
The ID of the AWS resource that was evaluated.
String complianceType
Indicates whether the AWS resource complies with the AWS Config rule that it was evaluated against.
For the Evaluation data type, AWS Config supports only the COMPLIANT,
NON_COMPLIANT, and NOT_APPLICABLE values. AWS Config does not support the
INSUFFICIENT_DATA value for this data type.
Similarly, AWS Config does not accept INSUFFICIENT_DATA as the value for ComplianceType
from a PutEvaluations request. For example, an AWS Lambda function for a custom AWS Config rule
cannot pass an INSUFFICIENT_DATA value to AWS Config.
String annotation
Supplementary information about how the evaluation determined the compliance.
Date orderingTimestamp
The time of the event in AWS Config that triggered the evaluation. For event-based evaluations, the time indicates when AWS Config created the configuration item that triggered the evaluation. For periodic evaluations, the time indicates when AWS Config triggered the evaluation at the frequency that you specified (for example, every 24 hours).
EvaluationResultIdentifier evaluationResultIdentifier
Uniquely identifies the evaluation result.
String complianceType
Indicates whether the AWS resource complies with the AWS Config rule that evaluated it.
For the EvaluationResult data type, AWS Config supports only the COMPLIANT,
NON_COMPLIANT, and NOT_APPLICABLE values. AWS Config does not support the
INSUFFICIENT_DATA value for the EvaluationResult data type.
Date resultRecordedTime
The time when AWS Config recorded the evaluation result.
Date configRuleInvokedTime
The time when the AWS Config rule evaluated the AWS resource.
String annotation
Supplementary information about how the evaluation determined the compliance.
String resultToken
An encrypted token that associates an evaluation with an AWS Config rule. The token identifies the rule, the AWS resource being evaluated, and the event that triggered the evaluation.
EvaluationResultQualifier evaluationResultQualifier
Identifies an AWS Config rule used to evaluate an AWS resource, and provides the type and ID of the evaluated resource.
Date orderingTimestamp
The time of the event that triggered the evaluation of your AWS resources. The time can indicate when AWS Config delivered a configuration item change notification, or it can indicate when AWS Config delivered the configuration snapshot, depending on which event triggered the evaluation.
String failureMessage
Returns a failure message. For example, the resource is already compliant.
SdkInternalList<T> failedItems
Returns remediation configurations of the failed items.
String name
Name of the field.
String configurationAggregatorName
The name of the configuration aggregator.
String configRuleName
The name of the AWS Config rule for which you want compliance information.
String accountId
The 12-digit account ID of the source account.
String awsRegion
The source region from where the data is aggregated.
String complianceType
The resource compliance status.
For the GetAggregateComplianceDetailsByConfigRuleRequest data type, AWS Config supports only the
COMPLIANT and NON_COMPLIANT. AWS Config does not support the
NOT_APPLICABLE and INSUFFICIENT_DATA values.
Integer limit
The maximum number of evaluation results returned on each page. The default is 50. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> aggregateEvaluationResults
Returns an AggregateEvaluationResults object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
String configurationAggregatorName
The name of the configuration aggregator.
ConfigRuleComplianceSummaryFilters filters
Filters the results based on the ConfigRuleComplianceSummaryFilters object.
String groupByKey
Groups the result based on ACCOUNT_ID or AWS_REGION.
Integer limit
The maximum number of evaluation results returned on each page. The default is 1000. You cannot specify a number greater than 1000. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
String groupByKey
Groups the result based on ACCOUNT_ID or AWS_REGION.
SdkInternalList<T> aggregateComplianceCounts
Returns a list of AggregateComplianceCounts object.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
String configurationAggregatorName
The name of the configuration aggregator.
ResourceCountFilters filters
Filters the results based on the ResourceCountFilters object.
String groupByKey
The key to group the resource counts.
Integer limit
The maximum number of GroupedResourceCount objects returned on each page. The default is 1000. You cannot specify a number greater than 1000. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
Long totalDiscoveredResources
The total number of resources that are present in an aggregator with the filters that you provide.
String groupByKey
The key passed into the request object. If GroupByKey is not provided, the result will be empty.
SdkInternalList<T> groupedResourceCounts
Returns a list of GroupedResourceCount objects.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
String configurationAggregatorName
The name of the configuration aggregator.
AggregateResourceIdentifier resourceIdentifier
An object that identifies aggregate resource.
ConfigurationItem configurationItem
Returns a ConfigurationItem object.
String configRuleName
The name of the AWS Config rule for which you want compliance information.
SdkInternalList<T> complianceTypes
Filters the results by compliance.
The allowed values are COMPLIANT, NON_COMPLIANT, and NOT_APPLICABLE.
Integer limit
The maximum number of evaluation results returned on each page. The default is 10. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> evaluationResults
Indicates whether the AWS resource complies with the specified AWS Config rule.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String resourceType
The type of the AWS resource for which you want compliance information.
String resourceId
The ID of the AWS resource for which you want compliance information.
SdkInternalList<T> complianceTypes
Filters the results by compliance.
The allowed values are COMPLIANT, NON_COMPLIANT, and NOT_APPLICABLE.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> evaluationResults
Indicates whether the specified AWS resource complies each AWS Config rule.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
ComplianceSummary complianceSummary
The number of AWS Config rules that are compliant and the number that are noncompliant, up to a maximum of 25 for each.
SdkInternalList<T> resourceTypes
Specify one or more resource types to get the number of resources that are compliant and the number that are noncompliant for each resource type.
For this request, you can specify an AWS resource type such as AWS::EC2::Instance. You can specify
that the resource type is an AWS account by specifying AWS::::Account.
SdkInternalList<T> complianceSummariesByResourceType
The number of resources that are compliant and the number that are noncompliant. If one or more resource types were provided with the request, the numbers are returned for each resource type. The maximum number returned is 100.
SdkInternalList<T> resourceTypes
The comma-separated list that specifies the resource types that you want AWS Config to return (for example,
"AWS::EC2::Instance", "AWS::IAM::User").
If a value for resourceTypes is not specified, AWS Config returns all resource types that AWS Config
is recording in the region for your account.
If the configuration recorder is turned off, AWS Config returns an empty list of ResourceCount objects. If the configuration recorder is not recording a specific resource type (for example, S3 buckets), that resource type is not returned in the list of ResourceCount objects.
Integer limit
The maximum number of ResourceCount objects returned on each page. The default is 100. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
Long totalDiscoveredResources
The total number of resources that AWS Config is recording in the region for your account. If you specify resource types in the request, AWS Config returns only the total number of resources for those resource types.
Example
AWS Config is recording three resource types in the US East (Ohio) Region for your account: 25 EC2 instances, 20 IAM users, and 15 S3 buckets, for a total of 60 resources.
You make a call to the GetDiscoveredResourceCounts action and specify the resource type,
"AWS::EC2::Instances", in the request.
AWS Config returns 25 for totalDiscoveredResources.
SdkInternalList<T> resourceCounts
The list of ResourceCount objects. Each object is listed in descending order by the number of
resources.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String organizationConfigRuleName
StatusDetailFilters filters
Integer limit
String nextToken
SdkInternalList<T> organizationConfigRuleDetailedStatus
String nextToken
String resourceType
The resource type.
String resourceId
The ID of the resource (for example., sg-xxxxxx).
Date laterTime
The time stamp that indicates a later time. If not specified, current time is taken.
Date earlierTime
The time stamp that indicates an earlier time. If not specified, the action returns paginated results that contain configuration items that start when the first configuration item was recorded.
String chronologicalOrder
The chronological order for configuration items listed. By default, the results are listed in reverse chronological order.
Integer limit
The maximum number of configuration items returned on each page. The default is 10. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> configurationItems
A list that contains the configuration history of one or more resources.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String configurationAggregatorName
The name of the configuration aggregator.
String resourceType
The type of resources that you want AWS Config to list in the response.
ResourceFilters filters
Filters the results based on the ResourceFilters object.
Integer limit
The maximum number of resource identifiers returned on each page. The default is 100. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> resourceIdentifiers
Returns a list of ResourceIdentifiers objects.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
String resourceType
The type of resources that you want AWS Config to list in the response.
SdkInternalList<T> resourceIds
The IDs of only those resources that you want AWS Config to list in the response. If you do not specify this parameter, AWS Config lists all resources of the specified type that it has discovered.
String resourceName
The custom name of only those resources that you want AWS Config to list in the response. If you do not specify this parameter, AWS Config lists all resources of the specified type that it has discovered.
Integer limit
The maximum number of resource identifiers returned on each page. The default is 100. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
Boolean includeDeletedResources
Specifies whether AWS Config includes deleted resources in the results. By default, deleted resources are not included.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a
paginated response.
SdkInternalList<T> resourceIdentifiers
The details that identify a resource that is discovered by AWS Config, including the resource type, ID, and (if available) the custom resource name.
String nextToken
The string that you use in a subsequent request to get the next page of results in a paginated response.
String resourceArn
The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the supported
resources are ConfigRule, ConfigurationAggregator and
AggregatorAuthorization.
Integer limit
The maximum number of tags returned on each page. The limit maximum is 50. You cannot specify a number greater than 50. If you specify 0, AWS Config uses the default.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
SdkInternalList<T> tags
The tags for the resource.
String nextToken
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
String roleArn
ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
SdkInternalList<T> awsRegions
The source regions being aggregated.
Boolean allAwsRegions
If true, aggregate existing AWS Config regions and future regions.
String organizationConfigRuleName
String organizationConfigRuleArn
OrganizationManagedRuleMetadata organizationManagedRuleMetadata
OrganizationCustomRuleMetadata organizationCustomRuleMetadata
SdkInternalList<T> excludedAccounts
Date lastUpdateTime
String description
String lambdaFunctionArn
SdkInternalList<T> organizationConfigRuleTriggerTypes
String inputParameters
String maximumExecutionFrequency
SdkInternalList<T> resourceTypesScope
String resourceIdScope
String tagKeyScope
String tagValueScope
String description
String ruleIdentifier
String inputParameters
String maximumExecutionFrequency
SdkInternalList<T> resourceTypesScope
String resourceIdScope
String tagKeyScope
String tagValueScope
String authorizedAccountId
The 12-digit account ID of the account authorized to aggregate data.
String authorizedAwsRegion
The region authorized to collect aggregated data.
SdkInternalList<T> tags
AggregationAuthorization aggregationAuthorization
Returns an AggregationAuthorization object.
ConfigRule configRule
The rule that you want to add to your account.
SdkInternalList<T> tags
String configurationAggregatorName
The name of the configuration aggregator.
SdkInternalList<T> accountAggregationSources
A list of AccountAggregationSource object.
OrganizationAggregationSource organizationAggregationSource
An OrganizationAggregationSource object.
SdkInternalList<T> tags
ConfigurationAggregator configurationAggregator
Returns a ConfigurationAggregator object.
ConfigurationRecorder configurationRecorder
The configuration recorder object that records each configuration change made to the resources.
DeliveryChannel deliveryChannel
The configuration delivery channel object that delivers the configuration information to an Amazon S3 bucket and to an Amazon SNS topic.
SdkInternalList<T> evaluations
The assessments that the AWS Lambda function performs. Each evaluation identifies an AWS resource and indicates whether it complies with the AWS Config rule that invokes the AWS Lambda function.
String resultToken
An encrypted token that associates an evaluation with an AWS Config rule. Identifies the rule and the event that triggered the evaluation.
Boolean testMode
Use this parameter to specify a test run for PutEvaluations. You can verify whether your AWS Lambda
function will deliver evaluation results to AWS Config. No updates occur to your existing evaluations, and
evaluation results are not sent to AWS Config.
When TestMode is true, PutEvaluations doesn't require a valid value for
the ResultToken parameter, but the value cannot be null.
SdkInternalList<T> failedEvaluations
Requests that failed because of a client or server error.
String organizationConfigRuleName
OrganizationManagedRuleMetadata organizationManagedRuleMetadata
OrganizationCustomRuleMetadata organizationCustomRuleMetadata
SdkInternalList<T> excludedAccounts
String organizationConfigRuleArn
SdkInternalList<T> remediationConfigurations
A list of remediation configuration objects.
SdkInternalList<T> failedBatches
Returns a list of failed remediation batch objects.
Integer retentionPeriodInDays
Number of days AWS Config stores your historical information.
Currently, only applicable to the configuration item history.
RetentionConfiguration retentionConfiguration
Returns a retention configuration object.
SdkInternalList<T> selectFields
Returns a FieldInfo object.
Boolean allSupported
Specifies whether AWS Config records configuration changes for every supported type of regional resource.
If you set this option to true, when AWS Config adds support for a new type of regional resource, it
starts recording resources of that type automatically.
If you set this option to true, you cannot enumerate a list of resourceTypes.
Boolean includeGlobalResourceTypes
Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
Before you can set this option to true, you must set the allSupported option to
true.
If you set this option to true, when AWS Config adds support for a new type of global resource, it
starts recording resources of that type automatically.
The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
SdkInternalList<T> resourceTypes
A comma-separated list that specifies the types of AWS resources for which AWS Config records configuration
changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
Before you can set this option to true, you must set the allSupported option to
false.
If you set this option to true, when AWS Config adds support for a new type of resource, it will not
record resources of that type unless you manually add that type to your recording group.
For a list of valid resourceTypes values, see the resourceType Value column in Supported AWS Resource Types.
String resourceType
The resource type of the related resource.
String resourceId
The ID of the related resource (for example, sg-xxxxxx).
String resourceName
The custom name of the related resource, if available.
String relationshipName
The type of relationship with the related resource.
String configRuleName
The name of the AWS Config rule.
String targetType
The type of the target. Target executes remediation. For example, SSM document.
String targetId
Target ID is the name of the public document.
String targetVersion
Version of the target. For example, version of the SSM document.
Map<K,V> parameters
An object of the RemediationParameterValue.
String resourceType
The type of a resource.
ResourceKey resourceKey
String state
ENUM of the values.
SdkInternalList<T> stepDetails
Details of every step.
Date invocationTime
Start time when the remediation was executed.
Date lastUpdatedTime
The time when the remediation execution was last updated.
ResourceValue resourceValue
The value is dynamic and changes at run-time.
StaticValue staticValue
The value is static and does not change at run-time.
String resourceType
The type of resource.
String resourceId
The ID of the resource (for example, sg-xxxxxx).
String resourceName
The custom name of the resource (if available).
Date resourceDeletionTime
The time that the resource was deleted.
String value
The value is a resource ID.
SdkInternalList<T> complianceResourceTypes
The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only
specify one type if you also specify a resource ID for ComplianceResourceId.
String tagKey
The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
String tagValue
The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you
specify a value for TagValue, you must also specify a value for TagKey.
String complianceResourceId
The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource
ID, you must specify one resource type for ComplianceResourceTypes.
SdkInternalList<T> results
Returns the results for the SQL query.
QueryInfo queryInfo
Returns the QueryInfo object.
String nextToken
The nextToken string returned in a previous request that you use to request the next page of results
in a paginated response.
String owner
Indicates whether AWS or the customer owns and manages the AWS Config rule.
String sourceIdentifier
For AWS Config managed rules, a predefined identifier from a list. For example, IAM_PASSWORD_POLICY
is a managed rule. To reference a managed rule, see Using AWS
Managed Config Rules.
For custom rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as
arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name.
SdkInternalList<T> sourceDetails
Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
String eventSource
The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
String messageType
The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:
ConfigurationItemChangeNotification - Triggers an evaluation when AWS Config delivers a
configuration item as a result of a resource change.
OversizedConfigurationItemChangeNotification - Triggers an evaluation when AWS Config delivers an
oversized configuration item. AWS Config may generate this notification type when a resource changes and the
notification exceeds the maximum size allowed by Amazon SNS.
ScheduledNotification - Triggers a periodic evaluation at the frequency specified for
MaximumExecutionFrequency.
ConfigurationSnapshotDeliveryCompleted - Triggers a periodic evaluation when AWS Config delivers a
configuration snapshot.
If you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for
ConfigurationItemChangeNotification and one for
OversizedConfigurationItemChangeNotification.
String maximumExecutionFrequency
The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you
specify a value for MaximumExecutionFrequency, then MessageType must use the
ScheduledNotification value.
By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid
value for the MaximumExecutionFrequency parameter.
Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you
choose Three_Hours, AWS Config runs evaluations once every three hours. In this case,
Three_Hours is the frequency of this rule.
SdkInternalList<T> configRuleNames
The list of names of AWS Config rules that you want to run evaluations for.
String configurationRecorderName
The name of the recorder object that records each configuration change made to the resources.
String configRuleName
The list of names of AWS Config rules that you want to run remediation execution for.
SdkInternalList<T> resourceKeys
A list of resource keys to be processed with the current request. Each element in the list consists of the resource type and resource ID.
String failureMessage
Returns a failure message. For example, the resource is already compliant.
SdkInternalList<T> failedItems
For resources that have failed to start execution, the API returns a resource key object.
SdkInternalList<T> values
A list of values. For example, the ARN of the assumed role.
String configurationRecorderName
The name of the recorder object that records each configuration change made to the resources.
String resourceArn
The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the supported
resources are ConfigRule, ConfigurationAggregator and
AggregatorAuthorization.
SdkInternalList<T> tags
An array of tag object.
String resourceArn
The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the supported
resources are ConfigRule, ConfigurationAggregator and
AggregatorAuthorization.
SdkInternalList<T> tagKeys
The keys of the tags to be removed.
Copyright © 2019. All rights reserved.