2021/02/17 - AWS Config - 3 updated api methods
Changes Added INSUFFICIENT_DATA in ConformancePackComplianceType.
{'Filters': {'ComplianceType': {'INSUFFICIENT_DATA'}}}
Response {'ConformancePackRuleComplianceList': {'ComplianceType': {'INSUFFICIENT_DATA'}}}
Returns compliance details for each rule in that conformance pack.
Note
You must provide exact rule names.
See also: AWS API Documentation
Request Syntax
client.describe_conformance_pack_compliance(
ConformancePackName='string',
Filters={
'ConfigRuleNames': [
'string',
],
'ComplianceType': 'COMPLIANT'|'NON_COMPLIANT'|'INSUFFICIENT_DATA'
},
Limit=123,
NextToken='string'
)
string
[REQUIRED]
Name of the conformance pack.
dict
A ConformancePackComplianceFilters object.
ConfigRuleNames (list) --
Filters the results by AWS Config rule names.
(string) --
ComplianceType (string) --
Filters the results by compliance.
The allowed values are COMPLIANT and NON_COMPLIANT .
integer
The maximum number of AWS Config rules within a conformance pack are returned on each page.
string
The nextToken string returned in a previous request that you use to request the next page of results in a paginated response.
dict
Response Syntax
{
'ConformancePackName': 'string',
'ConformancePackRuleComplianceList': [
{
'ConfigRuleName': 'string',
'ComplianceType': 'COMPLIANT'|'NON_COMPLIANT'|'INSUFFICIENT_DATA'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ConformancePackName (string) --
Name of the conformance pack.
ConformancePackRuleComplianceList (list) --
Returns a list of ConformancePackRuleCompliance objects.
(dict) --
Compliance information of one or more AWS Config rules within a conformance pack. You can filter using AWS Config rule names and compliance types.
ConfigRuleName (string) --
Name of the config rule.
ComplianceType (string) --
Compliance of the AWS Config rule
The allowed values are COMPLIANT and NON_COMPLIANT .
NextToken (string) --
The nextToken string returned in a previous request that you use to request the next page of results in a paginated response.
{'Filters': {'ComplianceType': {'INSUFFICIENT_DATA'}}}
Response {'ConformancePackRuleEvaluationResults': {'ComplianceType': {'INSUFFICIENT_DATA'}}}
Returns compliance details of a conformance pack for all AWS resources that are monitered by conformance pack.
See also: AWS API Documentation
Request Syntax
client.get_conformance_pack_compliance_details(
ConformancePackName='string',
Filters={
'ConfigRuleNames': [
'string',
],
'ComplianceType': 'COMPLIANT'|'NON_COMPLIANT'|'INSUFFICIENT_DATA',
'ResourceType': 'string',
'ResourceIds': [
'string',
]
},
Limit=123,
NextToken='string'
)
string
[REQUIRED]
Name of the conformance pack.
dict
A ConformancePackEvaluationFilters object.
ConfigRuleNames (list) --
Filters the results by AWS Config rule names.
(string) --
ComplianceType (string) --
Filters the results by compliance.
The allowed values are COMPLIANT and NON_COMPLIANT .
ResourceType (string) --
Filters the results by the resource type (for example, "AWS::EC2::Instance" ).
ResourceIds (list) --
Filters the results by resource IDs.
Note
This is valid only when you provide resource type. If there is no resource type, you will see an error.
(string) --
integer
The maximum number of evaluation results returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
string
The nextToken string returned in a previous request that you use to request the next page of results in a paginated response.
dict
Response Syntax
{
'ConformancePackName': 'string',
'ConformancePackRuleEvaluationResults': [
{
'ComplianceType': 'COMPLIANT'|'NON_COMPLIANT'|'INSUFFICIENT_DATA',
'EvaluationResultIdentifier': {
'EvaluationResultQualifier': {
'ConfigRuleName': 'string',
'ResourceType': 'string',
'ResourceId': 'string'
},
'OrderingTimestamp': datetime(2015, 1, 1)
},
'ConfigRuleInvokedTime': datetime(2015, 1, 1),
'ResultRecordedTime': datetime(2015, 1, 1),
'Annotation': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ConformancePackName (string) --
Name of the conformance pack.
ConformancePackRuleEvaluationResults (list) --
Returns a list of ConformancePackEvaluationResult objects.
(dict) --
The details of a conformance pack evaluation. Provides AWS Config rule and AWS resource type that was evaluated, the compliance of the conformance pack, related time stamps, and supplementary information.
ComplianceType (string) --
The compliance type. The allowed values are COMPLIANT and NON_COMPLIANT .
EvaluationResultIdentifier (dict) --
Uniquely identifies an evaluation result.
EvaluationResultQualifier (dict) --
Identifies an AWS Config rule used to evaluate an AWS resource, and provides the type and ID of the evaluated resource.
ConfigRuleName (string) --
The name of the AWS Config rule that was used in the evaluation.
ResourceType (string) --
The type of AWS resource that was evaluated.
ResourceId (string) --
The ID of the evaluated AWS resource.
OrderingTimestamp (datetime) --
The time of the event that triggered the evaluation of your AWS resources. The time can indicate when AWS Config delivered a configuration item change notification, or it can indicate when AWS Config delivered the configuration snapshot, depending on which event triggered the evaluation.
ConfigRuleInvokedTime (datetime) --
The time when AWS Config rule evaluated AWS resource.
ResultRecordedTime (datetime) --
The time when AWS Config recorded the evaluation result.
Annotation (string) --
Supplementary information about how the evaluation determined the compliance.
NextToken (string) --
The nextToken string returned in a previous request that you use to request the next page of results in a paginated response.
{'ConformancePackComplianceSummaryList': {'ConformancePackComplianceStatus': {'INSUFFICIENT_DATA'}}}
Returns compliance details for the conformance pack based on the cumulative compliance results of all the rules in that conformance pack.
See also: AWS API Documentation
Request Syntax
client.get_conformance_pack_compliance_summary(
ConformancePackNames=[
'string',
],
Limit=123,
NextToken='string'
)
list
[REQUIRED]
Names of conformance packs.
(string) --
integer
The maximum number of conformance packs returned on each page.
string
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
dict
Response Syntax
{
'ConformancePackComplianceSummaryList': [
{
'ConformancePackName': 'string',
'ConformancePackComplianceStatus': 'COMPLIANT'|'NON_COMPLIANT'|'INSUFFICIENT_DATA'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ConformancePackComplianceSummaryList (list) --
A list of ConformancePackComplianceSummary objects.
(dict) --
Summary includes the name and status of the conformance pack.
ConformancePackName (string) --
The name of the conformance pack name.
ConformancePackComplianceStatus (string) --
The status of the conformance pack. The allowed values are COMPLIANT and NON_COMPLIANT.
NextToken (string) --
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.