ListDiscoveredResources - AWS Config

ListDiscoveredResources

Accepts a resource type and returns a list of resource identifiers for the resources of that type. A resource identifier includes the resource type, ID, and (if available) the custom resource name. The results consist of resources that AWS Config has discovered, including those that AWS Config is not currently recording. You can narrow the results to include only resources that have specific resource IDs or a resource name.

Note

You can specify either resource IDs or a resource name, but not both, in the same request.

The response is paginated. By default, AWS Config lists 100 resource identifiers on each page. You can customize this number with the limit parameter. The response includes a nextToken string. To get the next page of results, run the request again and specify the string for the nextToken parameter.

Request Syntax

{ "includeDeletedResources": boolean, "limit": number, "nextToken": "string", "resourceIds": [ "string" ], "resourceName": "string", "resourceType": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

includeDeletedResources

Specifies whether AWS Config includes deleted resources in the results. By default, deleted resources are not included.

Type: Boolean

Required: No

limit

The maximum number of resource identifiers returned on each page. The default is 100. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 100.

Required: No

nextToken

The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.

Type: String

Required: No

resourceIds

The IDs of only those resources that you want AWS Config to list in the response. If you do not specify this parameter, AWS Config lists all resources of the specified type that it has discovered. You can list a minimum of 1 resourceID and a maximum of 20 resourceIds.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 768.

Required: No

resourceName

The custom name of only those resources that you want AWS Config to list in the response. If you do not specify this parameter, AWS Config lists all resources of the specified type that it has discovered.

Type: String

Required: No

resourceType

The type of resources that you want AWS Config to list in the response.

Type: String

Valid Values: AWS::EC2::CustomerGateway | AWS::EC2::EIP | AWS::EC2::Host | AWS::EC2::Instance | AWS::EC2::InternetGateway | AWS::EC2::NetworkAcl | AWS::EC2::NetworkInterface | AWS::EC2::RouteTable | AWS::EC2::SecurityGroup | AWS::EC2::Subnet | AWS::CloudTrail::Trail | AWS::EC2::Volume | AWS::EC2::VPC | AWS::EC2::VPNConnection | AWS::EC2::VPNGateway | AWS::EC2::RegisteredHAInstance | AWS::EC2::NatGateway | AWS::EC2::EgressOnlyInternetGateway | AWS::EC2::VPCEndpoint | AWS::EC2::VPCEndpointService | AWS::EC2::FlowLog | AWS::EC2::VPCPeeringConnection | AWS::Elasticsearch::Domain | AWS::IAM::Group | AWS::IAM::Policy | AWS::IAM::Role | AWS::IAM::User | AWS::ElasticLoadBalancingV2::LoadBalancer | AWS::ACM::Certificate | AWS::RDS::DBInstance | AWS::RDS::DBSubnetGroup | AWS::RDS::DBSecurityGroup | AWS::RDS::DBSnapshot | AWS::RDS::DBCluster | AWS::RDS::DBClusterSnapshot | AWS::RDS::EventSubscription | AWS::S3::Bucket | AWS::S3::AccountPublicAccessBlock | AWS::Redshift::Cluster | AWS::Redshift::ClusterSnapshot | AWS::Redshift::ClusterParameterGroup | AWS::Redshift::ClusterSecurityGroup | AWS::Redshift::ClusterSubnetGroup | AWS::Redshift::EventSubscription | AWS::SSM::ManagedInstanceInventory | AWS::CloudWatch::Alarm | AWS::CloudFormation::Stack | AWS::ElasticLoadBalancing::LoadBalancer | AWS::AutoScaling::AutoScalingGroup | AWS::AutoScaling::LaunchConfiguration | AWS::AutoScaling::ScalingPolicy | AWS::AutoScaling::ScheduledAction | AWS::DynamoDB::Table | AWS::CodeBuild::Project | AWS::WAF::RateBasedRule | AWS::WAF::Rule | AWS::WAF::RuleGroup | AWS::WAF::WebACL | AWS::WAFRegional::RateBasedRule | AWS::WAFRegional::Rule | AWS::WAFRegional::RuleGroup | AWS::WAFRegional::WebACL | AWS::CloudFront::Distribution | AWS::CloudFront::StreamingDistribution | AWS::Lambda::Function | AWS::NetworkFirewall::Firewall | AWS::NetworkFirewall::FirewallPolicy | AWS::NetworkFirewall::RuleGroup | AWS::ElasticBeanstalk::Application | AWS::ElasticBeanstalk::ApplicationVersion | AWS::ElasticBeanstalk::Environment | AWS::WAFv2::WebACL | AWS::WAFv2::RuleGroup | AWS::WAFv2::IPSet | AWS::WAFv2::RegexPatternSet | AWS::WAFv2::ManagedRuleSet | AWS::XRay::EncryptionConfig | AWS::SSM::AssociationCompliance | AWS::SSM::PatchCompliance | AWS::Shield::Protection | AWS::ShieldRegional::Protection | AWS::Config::ConformancePackCompliance | AWS::Config::ResourceCompliance | AWS::ApiGateway::Stage | AWS::ApiGateway::RestApi | AWS::ApiGatewayV2::Stage | AWS::ApiGatewayV2::Api | AWS::CodePipeline::Pipeline | AWS::ServiceCatalog::CloudFormationProvisionedProduct | AWS::ServiceCatalog::CloudFormationProduct | AWS::ServiceCatalog::Portfolio | AWS::SQS::Queue | AWS::KMS::Key | AWS::QLDB::Ledger | AWS::SecretsManager::Secret | AWS::SNS::Topic | AWS::SSM::FileData | AWS::Backup::BackupPlan | AWS::Backup::BackupSelection | AWS::Backup::BackupVault | AWS::Backup::RecoveryPoint | AWS::ECR::Repository | AWS::ECS::Cluster | AWS::ECS::Service | AWS::ECS::TaskDefinition | AWS::EFS::AccessPoint | AWS::EFS::FileSystem | AWS::EKS::Cluster | AWS::OpenSearch::Domain | AWS::EC2::TransitGateway | AWS::Kinesis::Stream | AWS::Kinesis::StreamConsumer | AWS::CodeDeploy::Application | AWS::CodeDeploy::DeploymentConfig | AWS::CodeDeploy::DeploymentGroup | AWS::EC2::LaunchTemplate | AWS::ECR::PublicRepository | AWS::GuardDuty::Detector | AWS::EMR::SecurityConfiguration | AWS::SageMaker::CodeRepository | AWS::Route53Resolver::ResolverEndpoint | AWS::Route53Resolver::ResolverRule | AWS::Route53Resolver::ResolverRuleAssociation | AWS::DMS::ReplicationSubnetGroup | AWS::DMS::EventSubscription | AWS::MSK::Cluster | AWS::StepFunctions::Activity | AWS::WorkSpaces::Workspace | AWS::WorkSpaces::ConnectionAlias | AWS::SageMaker::Model | AWS::ElasticLoadBalancingV2::Listener | AWS::StepFunctions::StateMachine | AWS::Batch::JobQueue | AWS::Batch::ComputeEnvironment | AWS::AccessAnalyzer::Analyzer | AWS::Athena::WorkGroup | AWS::Athena::DataCatalog | AWS::Detective::Graph | AWS::GlobalAccelerator::Accelerator | AWS::GlobalAccelerator::EndpointGroup | AWS::GlobalAccelerator::Listener | AWS::EC2::TransitGatewayAttachment | AWS::EC2::TransitGatewayRouteTable | AWS::DMS::Certificate | AWS::AppConfig::Application | AWS::AppSync::GraphQLApi | AWS::DataSync::LocationSMB | AWS::DataSync::LocationFSxLustre | AWS::DataSync::LocationS3 | AWS::DataSync::LocationEFS | AWS::DataSync::Task | AWS::DataSync::LocationNFS | AWS::EC2::NetworkInsightsAccessScopeAnalysis | AWS::EKS::FargateProfile | AWS::Glue::Job | AWS::GuardDuty::ThreatIntelSet | AWS::GuardDuty::IPSet | AWS::SageMaker::Workteam | AWS::SageMaker::NotebookInstanceLifecycleConfig | AWS::ServiceDiscovery::Service | AWS::ServiceDiscovery::PublicDnsNamespace | AWS::SES::ContactList | AWS::SES::ConfigurationSet | AWS::Route53::HostedZone | AWS::IoTEvents::Input | AWS::IoTEvents::DetectorModel | AWS::IoTEvents::AlarmModel | AWS::ServiceDiscovery::HttpNamespace | AWS::Events::EventBus | AWS::ImageBuilder::ContainerRecipe | AWS::ImageBuilder::DistributionConfiguration | AWS::ImageBuilder::InfrastructureConfiguration | AWS::DataSync::LocationObjectStorage | AWS::DataSync::LocationHDFS | AWS::Glue::Classifier | AWS::Route53RecoveryReadiness::Cell | AWS::Route53RecoveryReadiness::ReadinessCheck | AWS::ECR::RegistryPolicy | AWS::Backup::ReportPlan | AWS::Lightsail::Certificate | AWS::RUM::AppMonitor | AWS::Events::Endpoint | AWS::SES::ReceiptRuleSet | AWS::Events::Archive | AWS::Events::ApiDestination | AWS::Lightsail::Disk | AWS::FIS::ExperimentTemplate | AWS::DataSync::LocationFSxWindows | AWS::SES::ReceiptFilter | AWS::GuardDuty::Filter | AWS::SES::Template | AWS::AmazonMQ::Broker | AWS::AppConfig::Environment | AWS::AppConfig::ConfigurationProfile | AWS::Cloud9::EnvironmentEC2 | AWS::EventSchemas::Registry | AWS::EventSchemas::RegistryPolicy | AWS::EventSchemas::Discoverer | AWS::FraudDetector::Label | AWS::FraudDetector::EntityType | AWS::FraudDetector::Variable | AWS::FraudDetector::Outcome | AWS::IoT::Authorizer | AWS::IoT::SecurityProfile | AWS::IoT::RoleAlias | AWS::IoT::Dimension | AWS::IoTAnalytics::Datastore | AWS::Lightsail::Bucket | AWS::Lightsail::StaticIp | AWS::MediaPackage::PackagingGroup | AWS::Route53RecoveryReadiness::RecoveryGroup | AWS::ResilienceHub::ResiliencyPolicy | AWS::Transfer::Workflow | AWS::EKS::IdentityProviderConfig | AWS::EKS::Addon | AWS::Glue::MLTransform | AWS::IoT::Policy | AWS::IoT::MitigationAction | AWS::IoTTwinMaker::Workspace | AWS::IoTTwinMaker::Entity | AWS::IoTAnalytics::Dataset | AWS::IoTAnalytics::Pipeline | AWS::IoTAnalytics::Channel | AWS::IoTSiteWise::Dashboard | AWS::IoTSiteWise::Project | AWS::IoTSiteWise::Portal | AWS::IoTSiteWise::AssetModel | AWS::IVS::Channel | AWS::IVS::RecordingConfiguration | AWS::IVS::PlaybackKeyPair | AWS::KinesisAnalyticsV2::Application | AWS::RDS::GlobalCluster | AWS::S3::MultiRegionAccessPoint | AWS::DeviceFarm::TestGridProject | AWS::Budgets::BudgetsAction | AWS::Lex::Bot | AWS::CodeGuruReviewer::RepositoryAssociation | AWS::IoT::CustomMetric | AWS::Route53Resolver::FirewallDomainList | AWS::RoboMaker::RobotApplicationVersion | AWS::EC2::TrafficMirrorSession | AWS::IoTSiteWise::Gateway | AWS::Lex::BotAlias | AWS::LookoutMetrics::Alert | AWS::IoT::AccountAuditConfiguration | AWS::EC2::TrafficMirrorTarget | AWS::S3::StorageLens | AWS::IoT::ScheduledAudit | AWS::Events::Connection | AWS::EventSchemas::Schema | AWS::MediaPackage::PackagingConfiguration | AWS::KinesisVideo::SignalingChannel | AWS::AppStream::DirectoryConfig | AWS::LookoutVision::Project | AWS::Route53RecoveryControl::Cluster | AWS::Route53RecoveryControl::SafetyRule | AWS::Route53RecoveryControl::ControlPanel | AWS::Route53RecoveryControl::RoutingControl | AWS::Route53RecoveryReadiness::ResourceSet | AWS::RoboMaker::SimulationApplication | AWS::RoboMaker::RobotApplication | AWS::HealthLake::FHIRDatastore | AWS::Pinpoint::Segment | AWS::Pinpoint::ApplicationSettings | AWS::Events::Rule | AWS::EC2::DHCPOptions | AWS::EC2::NetworkInsightsPath | AWS::EC2::TrafficMirrorFilter | AWS::EC2::IPAM | AWS::IoTTwinMaker::Scene | AWS::NetworkManager::TransitGatewayRegistration | AWS::CustomerProfiles::Domain | AWS::AutoScaling::WarmPool | AWS::Connect::PhoneNumber | AWS::AppConfig::DeploymentStrategy | AWS::AppFlow::Flow | AWS::AuditManager::Assessment | AWS::CloudWatch::MetricStream | AWS::DeviceFarm::InstanceProfile | AWS::DeviceFarm::Project | AWS::EC2::EC2Fleet | AWS::EC2::SubnetRouteTableAssociation | AWS::ECR::PullThroughCacheRule | AWS::GroundStation::Config | AWS::ImageBuilder::ImagePipeline | AWS::IoT::FleetMetric | AWS::IoTWireless::ServiceProfile | AWS::NetworkManager::Device | AWS::NetworkManager::GlobalNetwork | AWS::NetworkManager::Link | AWS::NetworkManager::Site | AWS::Panorama::Package | AWS::Pinpoint::App | AWS::Redshift::ScheduledAction | AWS::Route53Resolver::FirewallRuleGroupAssociation | AWS::SageMaker::AppImageConfig | AWS::SageMaker::Image | AWS::ECS::TaskSet | AWS::Cassandra::Keyspace | AWS::Signer::SigningProfile | AWS::Amplify::App | AWS::AppMesh::VirtualNode | AWS::AppMesh::VirtualService | AWS::AppRunner::VpcConnector | AWS::AppStream::Application | AWS::CodeArtifact::Repository | AWS::EC2::PrefixList | AWS::EC2::SpotFleet | AWS::Evidently::Project | AWS::Forecast::Dataset | AWS::IAM::SAMLProvider | AWS::IAM::ServerCertificate | AWS::Pinpoint::Campaign | AWS::Pinpoint::InAppTemplate | AWS::SageMaker::Domain | AWS::Transfer::Agreement | AWS::Transfer::Connector | AWS::KinesisFirehose::DeliveryStream | AWS::Amplify::Branch | AWS::AppIntegrations::EventIntegration | AWS::AppMesh::Route | AWS::Athena::PreparedStatement | AWS::EC2::IPAMScope | AWS::Evidently::Launch | AWS::Forecast::DatasetGroup | AWS::GreengrassV2::ComponentVersion | AWS::GroundStation::MissionProfile | AWS::MediaConnect::FlowEntitlement | AWS::MediaConnect::FlowVpcInterface | AWS::MediaTailor::PlaybackConfiguration | AWS::MSK::Configuration | AWS::Personalize::Dataset | AWS::Personalize::Schema | AWS::Personalize::Solution | AWS::Pinpoint::EmailTemplate | AWS::Pinpoint::EventStream | AWS::ResilienceHub::App | AWS::ACMPCA::CertificateAuthority | AWS::AppConfig::HostedConfigurationVersion | AWS::AppMesh::VirtualGateway | AWS::AppMesh::VirtualRouter | AWS::AppRunner::Service | AWS::CustomerProfiles::ObjectType | AWS::DMS::Endpoint | AWS::EC2::CapacityReservation | AWS::EC2::ClientVpnEndpoint | AWS::Kendra::Index | AWS::KinesisVideo::Stream | AWS::Logs::Destination | AWS::Pinpoint::EmailChannel | AWS::S3::AccessPoint | AWS::NetworkManager::CustomerGatewayAssociation | AWS::NetworkManager::LinkAssociation | AWS::IoTWireless::MulticastGroup | AWS::Personalize::DatasetGroup | AWS::IoTTwinMaker::ComponentType | AWS::CodeBuild::ReportGroup | AWS::SageMaker::FeatureGroup | AWS::MSK::BatchScramSecret | AWS::AppStream::Stack | AWS::IoT::JobTemplate | AWS::IoTWireless::FuotaTask | AWS::IoT::ProvisioningTemplate | AWS::InspectorV2::Filter | AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation | AWS::ServiceDiscovery::Instance | AWS::Transfer::Certificate | AWS::MediaConnect::FlowSource | AWS::APS::RuleGroupsNamespace | AWS::CodeGuruProfiler::ProfilingGroup | AWS::Route53Resolver::ResolverQueryLoggingConfig | AWS::Batch::SchedulingPolicy | AWS::ACMPCA::CertificateAuthorityActivation | AWS::AppMesh::GatewayRoute | AWS::AppMesh::Mesh | AWS::Connect::Instance | AWS::Connect::QuickConnect | AWS::EC2::CarrierGateway | AWS::EC2::IPAMPool | AWS::EC2::TransitGatewayConnect | AWS::EC2::TransitGatewayMulticastDomain | AWS::ECS::CapacityProvider | AWS::IAM::InstanceProfile | AWS::IoT::CACertificate | AWS::IoTTwinMaker::SyncJob | AWS::KafkaConnect::Connector | AWS::Lambda::CodeSigningConfig | AWS::NetworkManager::ConnectPeer | AWS::ResourceExplorer2::Index | AWS::AppStream::Fleet | AWS::Cognito::UserPool | AWS::Cognito::UserPoolClient | AWS::Cognito::UserPoolGroup | AWS::EC2::NetworkInsightsAccessScope | AWS::EC2::NetworkInsightsAnalysis | AWS::Grafana::Workspace | AWS::GroundStation::DataflowEndpointGroup | AWS::ImageBuilder::ImageRecipe | AWS::KMS::Alias | AWS::M2::Environment | AWS::QuickSight::DataSource | AWS::QuickSight::Template | AWS::QuickSight::Theme | AWS::RDS::OptionGroup | AWS::Redshift::EndpointAccess | AWS::Route53Resolver::FirewallRuleGroup | AWS::SSM::Document

Required: Yes

Response Syntax

{ "nextToken": "string", "resourceIdentifiers": [ { "resourceDeletionTime": number, "resourceId": "string", "resourceName": "string", "resourceType": "string" } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

nextToken

The string that you use in a subsequent request to get the next page of results in a paginated response.

Type: String

resourceIdentifiers

The details that identify a resource that is discovered by AWS Config, including the resource type, ID, and (if available) the custom resource name.

Type: Array of ResourceIdentifier objects

Errors

For information about the errors that are common to all actions, see Common Errors.

InvalidLimitException

The specified limit is outside the allowable range.

HTTP Status Code: 400

InvalidNextTokenException

The specified next token is not valid. Specify the nextToken string that was returned in the previous response to get the next page of results.

HTTP Status Code: 400

NoAvailableConfigurationRecorderException

There are no configuration recorders available to provide the role needed to describe your resources. Create a configuration recorder.

HTTP Status Code: 400

ValidationException

The requested action is not valid.

For PutStoredQuery, you will see this exception if there are missing required fields or if the input value fails the validation, or if you are trying to create more than 300 queries.

For GetStoredQuery, ListStoredQuery, and DeleteStoredQuery you will see this exception if there are missing required fields or if the input value fails the validation.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: