GetAggregateComplianceDetailsByConfigRule - AWS Config

GetAggregateComplianceDetailsByConfigRule

Returns the evaluation results for the specified AWS Config rule for a specific resource in a rule. The results indicate which AWS resources were evaluated by the rule, when each resource was last evaluated, and whether each resource complies with the rule.

Note

The results can return an empty result page. But if you have a nextToken, the results are displayed on the next page.

Request Syntax

{ "AccountId": "string", "AwsRegion": "string", "ComplianceType": "string", "ConfigRuleName": "string", "ConfigurationAggregatorName": "string", "Limit": number, "NextToken": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AccountId

The 12-digit account ID of the source account.

Type: String

Pattern: \d{12}

Required: Yes

AwsRegion

The source region from where the data is aggregated.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Required: Yes

ComplianceType

The resource compliance status.

Note

For the GetAggregateComplianceDetailsByConfigRuleRequest data type, AWS Config supports only the COMPLIANT and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE and INSUFFICIENT_DATA values.

Type: String

Valid Values: COMPLIANT | NON_COMPLIANT | NOT_APPLICABLE | INSUFFICIENT_DATA

Required: No

ConfigRuleName

The name of the AWS Config rule for which you want compliance information.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: Yes

ConfigurationAggregatorName

The name of the configuration aggregator.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Pattern: [\w\-]+

Required: Yes

Limit

The maximum number of evaluation results returned on each page. The default is 50. You cannot specify a number greater than 100. If you specify 0, AWS Config uses the default.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 100.

Required: No

NextToken

The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.

Type: String

Required: No

Response Syntax

{ "AggregateEvaluationResults": [ { "AccountId": "string", "Annotation": "string", "AwsRegion": "string", "ComplianceType": "string", "ConfigRuleInvokedTime": number, "EvaluationResultIdentifier": { "EvaluationResultQualifier": { "ConfigRuleName": "string", "EvaluationMode": "string", "ResourceId": "string", "ResourceType": "string" }, "OrderingTimestamp": number, "ResourceEvaluationId": "string" }, "ResultRecordedTime": number } ], "NextToken": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

AggregateEvaluationResults

Returns an AggregateEvaluationResults object.

Type: Array of AggregateEvaluationResult objects

NextToken

The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

InvalidLimitException

The specified limit is outside the allowable range.

HTTP Status Code: 400

InvalidNextTokenException

The specified next token is not valid. Specify the nextToken string that was returned in the previous response to get the next page of results.

HTTP Status Code: 400

NoSuchConfigurationAggregatorException

You have specified a configuration aggregator that does not exist.

HTTP Status Code: 400

ValidationException

The requested operation is not valid. You will see this exception if there are missing required fields or if the input value fails the validation.

For PutStoredQuery, one of the following errors:

  • There are missing required fields.

  • The input value fails the validation.

  • You are trying to create more than 300 queries.

For DescribeConfigurationRecorders and DescribeConfigurationRecorderStatus, one of the following errors:

  • You have specified more than one configuration recorder.

  • You have provided a service principal for service-linked configuration recorder that is not valid.

For AssociateResourceTypes and DisassociateResourceTypes, one of the following errors:

  • Your configuraiton recorder has a recording strategy that does not allow the association or disassociation of resource types.

  • One or more of the specified resource types are already associated or disassociated with the configuration recorder.

  • For service-linked configuration recorders, the configuration recorder does not record one or more of the specified resource types.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: