GetAggregateComplianceDetailsByConfigRule
Returns the evaluation results for the specified AWS Config rule for a specific resource in a rule. The results indicate which AWS resources were evaluated by the rule, when each resource was last evaluated, and whether each resource complies with the rule.
Note
The results can return an empty result page. But if you
have a nextToken
, the results are displayed on the next
page.
Request Syntax
{
"AccountId": "string
",
"AwsRegion": "string
",
"ComplianceType": "string
",
"ConfigRuleName": "string
",
"ConfigurationAggregatorName": "string
",
"Limit": number
,
"NextToken": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- AccountId
-
The 12-digit account ID of the source account.
Type: String
Pattern:
\d{12}
Required: Yes
- AwsRegion
-
The source region from where the data is aggregated.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Required: Yes
- ComplianceType
-
The resource compliance status.
Note
For the
GetAggregateComplianceDetailsByConfigRuleRequest
data type, AWS Config supports only theCOMPLIANT
andNON_COMPLIANT
. AWS Config does not support theNOT_APPLICABLE
andINSUFFICIENT_DATA
values.Type: String
Valid Values:
COMPLIANT | NON_COMPLIANT | NOT_APPLICABLE | INSUFFICIENT_DATA
Required: No
- ConfigRuleName
-
The name of the AWS Config rule for which you want compliance information.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
.*\S.*
Required: Yes
- ConfigurationAggregatorName
-
The name of the configuration aggregator.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Pattern:
[\w\-]+
Required: Yes
- Limit
-
The maximum number of evaluation results returned on each page. The default is 50. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.
Type: Integer
Valid Range: Minimum value of 0. Maximum value of 100.
Required: No
- NextToken
-
The
nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.Type: String
Required: No
Response Syntax
{
"AggregateEvaluationResults": [
{
"AccountId": "string",
"Annotation": "string",
"AwsRegion": "string",
"ComplianceType": "string",
"ConfigRuleInvokedTime": number,
"EvaluationResultIdentifier": {
"EvaluationResultQualifier": {
"ConfigRuleName": "string",
"EvaluationMode": "string",
"ResourceId": "string",
"ResourceType": "string"
},
"OrderingTimestamp": number,
"ResourceEvaluationId": "string"
},
"ResultRecordedTime": number
}
],
"NextToken": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- AggregateEvaluationResults
-
Returns an AggregateEvaluationResults object.
Type: Array of AggregateEvaluationResult objects
- NextToken
-
The
nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.Type: String
Errors
For information about the errors that are common to all actions, see Common Errors.
- InvalidLimitException
-
The specified limit is outside the allowable range.
HTTP Status Code: 400
- InvalidNextTokenException
-
The specified next token is not valid. Specify the
nextToken
string that was returned in the previous response to get the next page of results.HTTP Status Code: 400
- NoSuchConfigurationAggregatorException
-
You have specified a configuration aggregator that does not exist.
HTTP Status Code: 400
- ValidationException
-
The requested operation is not valid. You will see this exception if there are missing required fields or if the input value fails the validation.
For PutStoredQuery, one of the following errors:
-
There are missing required fields.
-
The input value fails the validation.
-
You are trying to create more than 300 queries.
For DescribeConfigurationRecorders and DescribeConfigurationRecorderStatus, one of the following errors:
-
You have specified more than one configuration recorder.
-
You have provided a service principal for service-linked configuration recorder that is not valid.
For AssociateResourceTypes and DisassociateResourceTypes, one of the following errors:
-
Your configuraiton recorder has a recording strategy that does not allow the association or disassociation of resource types.
-
One or more of the specified resource types are already associated or disassociated with the configuration recorder.
-
For service-linked configuration recorders, the configuration recorder does not record one or more of the specified resource types.
HTTP Status Code: 400
-
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: