Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each conformance pack. - * Also returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
+ *Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each + * conformance pack. Also returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
*The results can return an empty result page, but if you have a nextToken, the results are displayed on the next page.
Returns the evaluation results for the specified Amazon Web Services resource. * The results indicate which Config rules were used to evaluate - * the resource, when each rule was last used, and whether the resource + * the resource, when each rule was last invoked, and whether the resource * complies with each rule.
*/ public getComplianceDetailsByResource( @@ -2796,6 +2811,40 @@ export class ConfigService extends ConfigServiceClient { } } + /** + *Returns a summary of resource evaluation for the specified resource evaluation ID from the proactive rules that were run. + * The results indicate which evaluation context was used to evaluate the rules, which resource details were evaluated, + * the evaluation mode that was run, and whether the resource details comply with the configuration of the proactive rules.
+ */ + public getResourceEvaluationSummary( + args: GetResourceEvaluationSummaryCommandInput, + options?: __HttpHandlerOptions + ): PromiseReturns the details of a specific stored query.
*/ @@ -2949,6 +2998,38 @@ export class ConfigService extends ConfigServiceClient { } } + /** + *Returns a list of proactive resource evaluations.
+ */ + public listResourceEvaluations( + args: ListResourceEvaluationsCommandInput, + options?: __HttpHandlerOptions + ): PromiseLists the stored queries for a single Amazon Web Services account and a single Amazon Web Services Region. The default is 100.
*/ @@ -3540,6 +3621,9 @@ export class ConfigService extends ConfigServiceClient { *Config generates a remediation exception when a problem occurs executing a remediation action to a specific resource. * Remediation exceptions blocks auto-remediation until the exception is cleared.
* + *To place an exception on an Amazon Web Services resource, ensure remediation is set as manual remediation.
+ *Runs an on-demand evaluation for the specified resource to determine whether the resource details will comply with configured Config rules. + * You can also use it for evaluation purposes. Config recommends using an evaluation context. It runs an execution against the resource details with all + * of the Config rules in your account that match with the specified proactive mode and resource type.
+ * + *Ensure you have the cloudformation:DescribeType role setup to validate the resource type schema.
+ *
Stops recording configurations of the Amazon Web Services resources you have selected to record in your Amazon Web Services account.
*/ diff --git a/clients/client-config-service/src/ConfigServiceClient.ts b/clients/client-config-service/src/ConfigServiceClient.ts index fbb54edd19bf..430da9be6956 100644 --- a/clients/client-config-service/src/ConfigServiceClient.ts +++ b/clients/client-config-service/src/ConfigServiceClient.ts @@ -281,6 +281,10 @@ import { GetResourceConfigHistoryCommandInput, GetResourceConfigHistoryCommandOutput, } from "./commands/GetResourceConfigHistoryCommand"; +import { + GetResourceEvaluationSummaryCommandInput, + GetResourceEvaluationSummaryCommandOutput, +} from "./commands/GetResourceEvaluationSummaryCommand"; import { GetStoredQueryCommandInput, GetStoredQueryCommandOutput } from "./commands/GetStoredQueryCommand"; import { ListAggregateDiscoveredResourcesCommandInput, @@ -294,6 +298,10 @@ import { ListDiscoveredResourcesCommandInput, ListDiscoveredResourcesCommandOutput, } from "./commands/ListDiscoveredResourcesCommand"; +import { + ListResourceEvaluationsCommandInput, + ListResourceEvaluationsCommandOutput, +} from "./commands/ListResourceEvaluationsCommand"; import { ListStoredQueriesCommandInput, ListStoredQueriesCommandOutput } from "./commands/ListStoredQueriesCommand"; import { ListTagsForResourceCommandInput, @@ -361,6 +369,10 @@ import { StartRemediationExecutionCommandInput, StartRemediationExecutionCommandOutput, } from "./commands/StartRemediationExecutionCommand"; +import { + StartResourceEvaluationCommandInput, + StartResourceEvaluationCommandOutput, +} from "./commands/StartResourceEvaluationCommand"; import { StopConfigurationRecorderCommandInput, StopConfigurationRecorderCommandOutput, @@ -436,10 +448,12 @@ export type ServiceInputTypes = | GetOrganizationConformancePackDetailedStatusCommandInput | GetOrganizationCustomRulePolicyCommandInput | GetResourceConfigHistoryCommandInput + | GetResourceEvaluationSummaryCommandInput | GetStoredQueryCommandInput | ListAggregateDiscoveredResourcesCommandInput | ListConformancePackComplianceScoresCommandInput | ListDiscoveredResourcesCommandInput + | ListResourceEvaluationsCommandInput | ListStoredQueriesCommandInput | ListTagsForResourceCommandInput | PutAggregationAuthorizationCommandInput @@ -462,6 +476,7 @@ export type ServiceInputTypes = | StartConfigRulesEvaluationCommandInput | StartConfigurationRecorderCommandInput | StartRemediationExecutionCommandInput + | StartResourceEvaluationCommandInput | StopConfigurationRecorderCommandInput | TagResourceCommandInput | UntagResourceCommandInput; @@ -527,10 +542,12 @@ export type ServiceOutputTypes = | GetOrganizationConformancePackDetailedStatusCommandOutput | GetOrganizationCustomRulePolicyCommandOutput | GetResourceConfigHistoryCommandOutput + | GetResourceEvaluationSummaryCommandOutput | GetStoredQueryCommandOutput | ListAggregateDiscoveredResourcesCommandOutput | ListConformancePackComplianceScoresCommandOutput | ListDiscoveredResourcesCommandOutput + | ListResourceEvaluationsCommandOutput | ListStoredQueriesCommandOutput | ListTagsForResourceCommandOutput | PutAggregationAuthorizationCommandOutput @@ -553,6 +570,7 @@ export type ServiceOutputTypes = | StartConfigRulesEvaluationCommandOutput | StartConfigurationRecorderCommandOutput | StartRemediationExecutionCommandOutput + | StartResourceEvaluationCommandOutput | StopConfigurationRecorderCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput; diff --git a/clients/client-config-service/src/commands/DescribeAggregateComplianceByConformancePacksCommand.ts b/clients/client-config-service/src/commands/DescribeAggregateComplianceByConformancePacksCommand.ts index 3049c32cec07..40b0645395f7 100644 --- a/clients/client-config-service/src/commands/DescribeAggregateComplianceByConformancePacksCommand.ts +++ b/clients/client-config-service/src/commands/DescribeAggregateComplianceByConformancePacksCommand.ts @@ -32,8 +32,8 @@ export interface DescribeAggregateComplianceByConformancePacksCommandOutput __MetadataBearer {} /** - *Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each conformance pack. - * Also returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
+ *Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each + * conformance pack. Also returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
*The results can return an empty result page, but if you have a nextToken, the results are displayed on the next page.
Returns the evaluation results for the specified Amazon Web Services resource. * The results indicate which Config rules were used to evaluate - * the resource, when each rule was last used, and whether the resource + * the resource, when each rule was last invoked, and whether the resource * complies with each rule.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-config-service/src/commands/GetResourceEvaluationSummaryCommand.ts b/clients/client-config-service/src/commands/GetResourceEvaluationSummaryCommand.ts new file mode 100644 index 000000000000..e3753819be8c --- /dev/null +++ b/clients/client-config-service/src/commands/GetResourceEvaluationSummaryCommand.ts @@ -0,0 +1,121 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { ConfigServiceClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ConfigServiceClient"; +import { + GetResourceEvaluationSummaryRequest, + GetResourceEvaluationSummaryRequestFilterSensitiveLog, + GetResourceEvaluationSummaryResponse, + GetResourceEvaluationSummaryResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_json1_1GetResourceEvaluationSummaryCommand, + serializeAws_json1_1GetResourceEvaluationSummaryCommand, +} from "../protocols/Aws_json1_1"; + +export interface GetResourceEvaluationSummaryCommandInput extends GetResourceEvaluationSummaryRequest {} +export interface GetResourceEvaluationSummaryCommandOutput + extends GetResourceEvaluationSummaryResponse, + __MetadataBearer {} + +/** + *Returns a summary of resource evaluation for the specified resource evaluation ID from the proactive rules that were run. + * The results indicate which evaluation context was used to evaluate the rules, which resource details were evaluated, + * the evaluation mode that was run, and whether the resource details comply with the configuration of the proactive rules.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConfigServiceClient, GetResourceEvaluationSummaryCommand } from "@aws-sdk/client-config-service"; // ES Modules import + * // const { ConfigServiceClient, GetResourceEvaluationSummaryCommand } = require("@aws-sdk/client-config-service"); // CommonJS import + * const client = new ConfigServiceClient(config); + * const command = new GetResourceEvaluationSummaryCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetResourceEvaluationSummaryCommandInput} for command's `input` shape. + * @see {@link GetResourceEvaluationSummaryCommandOutput} for command's `response` shape. + * @see {@link ConfigServiceClientResolvedConfig | config} for ConfigServiceClient's `config` shape. + * + */ +export class GetResourceEvaluationSummaryCommand extends $Command< + GetResourceEvaluationSummaryCommandInput, + GetResourceEvaluationSummaryCommandOutput, + ConfigServiceClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: GetResourceEvaluationSummaryCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackReturns a list of proactive resource evaluations.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConfigServiceClient, ListResourceEvaluationsCommand } from "@aws-sdk/client-config-service"; // ES Modules import + * // const { ConfigServiceClient, ListResourceEvaluationsCommand } = require("@aws-sdk/client-config-service"); // CommonJS import + * const client = new ConfigServiceClient(config); + * const command = new ListResourceEvaluationsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListResourceEvaluationsCommandInput} for command's `input` shape. + * @see {@link ListResourceEvaluationsCommandOutput} for command's `response` shape. + * @see {@link ConfigServiceClientResolvedConfig | config} for ConfigServiceClient's `config` shape. + * + */ +export class ListResourceEvaluationsCommand extends $Command< + ListResourceEvaluationsCommandInput, + ListResourceEvaluationsCommandOutput, + ConfigServiceClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: ListResourceEvaluationsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackConfig generates a remediation exception when a problem occurs executing a remediation action to a specific resource. * Remediation exceptions blocks auto-remediation until the exception is cleared.
* + *To place an exception on an Amazon Web Services resource, ensure remediation is set as manual remediation.
+ *Runs an on-demand evaluation for the specified resource to determine whether the resource details will comply with configured Config rules. + * You can also use it for evaluation purposes. Config recommends using an evaluation context. It runs an execution against the resource details with all + * of the Config rules in your account that match with the specified proactive mode and resource type.
+ * + *Ensure you have the cloudformation:DescribeType role setup to validate the resource type schema.
+ *
Provides aggregate compliance of the conformance pack. Indicates whether a conformance pack is compliant based on the name of the conformance pack, account ID, and region.
*A conformance pack is compliant if all of the rules in a conformance packs are compliant. It is noncompliant if any of the rules are not compliant. * The compliance status of a conformance pack is INSUFFICIENT_DATA only if all rules within a conformance pack cannot be evaluated due to insufficient data. - * If some of the rules in a conformance pack are compliant but the compliance status of other rules in that same conformance pack is INSUFFICIENT_DATA, the conformance pack shows compliant.
+ * If some of the rules in a conformance pack are compliant but the compliance status of other rules in that same conformance pack is INSUFFICIENT_DATA, the conformance pack shows + * compliant. */ export interface AggregateComplianceByConformancePack { /** @@ -364,6 +365,11 @@ export interface AggregatedSourceStatus { LastErrorMessage?: string; } +export enum EvaluationMode { + DETECTIVE = "DETECTIVE", + PROACTIVE = "PROACTIVE", +} + /** *Identifies an Config rule that evaluated an Amazon Web Services resource, * and provides the type and ID of the resource that the rule @@ -385,6 +391,11 @@ export interface EvaluationResultQualifier { *
The ID of the evaluated Amazon Web Services resource.
*/ ResourceId?: string; + + /** + *The mode of an evaluation. The valid values are Detective or Proactive.
+ */ + EvaluationMode?: EvaluationMode | string; } /** @@ -404,6 +415,11 @@ export interface EvaluationResultIdentifier { * event triggered the evaluation. */ OrderingTimestamp?: Date; + + /** + *A Unique ID for an evaluation result.
+ */ + ResourceEvaluationId?: string; } /** @@ -1034,6 +1050,16 @@ export enum ConfigRuleState { EVALUATING = "EVALUATING", } +/** + *The configuration object for Config rule evaluation mode. The Supported valid values are Detective or Proactive.
+ */ +export interface EvaluationModeConfiguration { + /** + *The mode of an evaluation. The valid values are Detective or Proactive.
+ */ + Mode?: EvaluationMode | string; +} + export enum MaximumExecutionFrequency { One_Hour = "One_Hour", Six_Hours = "Six_Hours", @@ -1380,6 +1406,11 @@ export interface ConfigRule { * */ CreatedBy?: string; + + /** + *The modes the Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.
+ */ + EvaluationModes?: EvaluationModeConfiguration[]; } /** @@ -1874,36 +1905,40 @@ export interface ConfigurationItem { } /** - *Specifies the types of Amazon Web Services resource for which Config - * records configuration changes.
- *In the recording group, you specify whether all supported types - * or specific types of resources are recorded.
- *By default, Config records configuration changes for all - * supported types of regional resources that Config discovers in - * the region in which it is running. Regional resources are tied to a - * region and can be used only in that region. Examples of regional - * resources are EC2 instances and EBS volumes.
- *You can also have Config record configuration changes for - * supported types of global resources (for example, IAM resources). - * Global resources are not tied to an individual region and can be - * used in all regions.
+ *Specifies which Amazon Web Services resource types Config + * records for configuration changes. In the recording group, you specify whether you want to record all supported resource types + * or only specific types of resources.
+ * + *By default, Config records the configuration changes for all supported types of + * regional resources that Config discovers in the region in which it is + * running. Regional resources are tied to a region and can be used only in that region. Examples + * of regional resources are EC2 instances and EBS volumes.
+ *You can also have Config record supported types of global resources. + * Global resources are not tied to a specific region and can be used in all regions. The global + * resource types that Config supports include IAM users, groups, roles, and customer managed + * policies.
+ * *The configuration details for any global resource are the - * same in all regions. If you customize Config in multiple - * regions to record global resources, it will create multiple - * configuration items each time a global resource changes: one - * configuration item for each region. These configuration items - * will contain identical data. To prevent duplicate configuration - * items, you should consider customizing Config in only one - * region to record global resources, unless you want the - * configuration items to be available in multiple - * regions.
+ *Global resource types onboarded to Config recording after February 2022 will only be + * recorded in the service's home region for the commercial partition and + * Amazon Web Services GovCloud (US) West for the GovCloud partition. You can view the Configuration Items for + * these new global resource types only in their home region and Amazon Web Services GovCloud (US) West.
+ * + *Supported global resource types onboarded before February 2022 such as
+ * AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role,
+ * AWS::IAM::User remain unchanged, and they will continue to deliver
+ * Configuration Items in all supported regions in Config. The change will only affect new global
+ * resource types onboarded after February 2022.
To record global resource types onboarded after February 2022, + * enable All Supported Resource Types in the home region of the global resource type you want to record.
*If you don't want Config to record all resources, you can
* specify which types of resources it will record with the
* resourceTypes parameter.
For a list of supported resource types, see Supported Resource Types.
- *For more information, see Selecting Which Resources Config Records.
+ *For more information and a table of the Home Regions for Global Resource Types Onboarded after February 2022, see Selecting Which Resources Config Records.
*/ export interface RecordingGroup { /** @@ -3350,6 +3385,16 @@ export interface DescribeConfigRuleEvaluationStatusResponse { NextToken?: string; } +/** + *Returns a filtered list of Detective or Proactive Config rules. By default, if the filter is not defined, this API returns an unfiltered list.
+ */ +export interface DescribeConfigRulesFilters { + /** + *The mode of an evaluation. The valid values are Detective or Proactive.
+ */ + EvaluationMode?: EvaluationMode | string; +} + /** * */ @@ -3367,6 +3412,11 @@ export interface DescribeConfigRulesRequest { * response. */ NextToken?: string; + + /** + *Returns a list of Detecive or Proactive Config rules. By default, this API returns an unfiltered list.
+ */ + Filters?: DescribeConfigRulesFilters; } /** @@ -4752,6 +4802,17 @@ export interface Evaluation { OrderingTimestamp: Date | undefined; } +/** + *Use EvaluationContext to group independently initiated proactive resource evaluations. For example, CFN Stack. + * If you want to check just a resource definition, you do not need to provide evaluation context.
+ */ +export interface EvaluationContext { + /** + *A unique EvaluationContextIdentifier ID for an EvaluationContext.
+ */ + EvaluationContextIdentifier?: string; +} + /** *The details of an Config evaluation. Provides the Amazon Web Services * resource that was evaluated, the compliance of the resource, related @@ -4799,6 +4860,27 @@ export interface EvaluationResult { ResultToken?: string; } +export enum ResourceEvaluationStatus { + FAILED = "FAILED", + IN_PROGRESS = "IN_PROGRESS", + SUCCEEDED = "SUCCEEDED", +} + +/** + *
Returns status details of an evaluation.
+ */ +export interface EvaluationStatus { + /** + *The status of an execution. The valid values are In_Progress, Succeeded or Failed.
+ */ + Status: ResourceEvaluationStatus | string | undefined; + + /** + *An explanation for failed execution status.
+ */ + FailureReason?: string; +} + /** *Identifies an Amazon Web Services resource and indicates whether it complies with the Config rule that it was evaluated against.
*/ @@ -5230,13 +5312,13 @@ export interface GetComplianceDetailsByResourceRequest { *The type of the Amazon Web Services resource for which you want compliance * information.
*/ - ResourceType: string | undefined; + ResourceType?: string; /** *The ID of the Amazon Web Services resource for which you want compliance * information.
*/ - ResourceId: string | undefined; + ResourceId?: string; /** *Filters the results by compliance.
@@ -5252,6 +5334,14 @@ export interface GetComplianceDetailsByResourceRequest { * response. */ NextToken?: string; + + /** + *The unique ID of Amazon Web Services resource execution for which you want to retrieve evaluation results.
+ *You need to only provide either a ResourceEvaluationID or a ResourceID and ResourceType.
The unique ResourceEvaluationId of Amazon Web Services resource execution for which you want to retrieve the evaluation summary.
Returns information about the resource being evaluated.
+ */ +export interface ResourceDetails { + /** + *A unique resource ID for an evaluation.
+ */ + ResourceId: string | undefined; + + /** + *The type of resource being evaluated.
+ */ + ResourceType: string | undefined; + + /** + *The resource definition to be evaluated as per the resource configuration schema type.
+ */ + ResourceConfiguration: string | undefined; + + /** + *The schema type of the resource configuration.
+ */ + ResourceConfigurationSchemaType?: ResourceConfigurationSchemaType | string; +} + +export interface GetResourceEvaluationSummaryResponse { + /** + *The unique ResourceEvaluationId of Amazon Web Services resource execution for which you want to retrieve the evaluation summary.
Lists results of the mode that you requested to retrieve the resource evaluation summary. The valid values are Detective or Proactive.
+ */ + EvaluationMode?: EvaluationMode | string; + + /** + *Returns an EvaluationStatus object.
The start timestamp when Config rule starts evaluating compliance for the provided resource details.
+ */ + EvaluationStartTimestamp?: Date; + + /** + *The compliance status of the resource evaluation summary.
+ */ + Compliance?: ComplianceType | string; + + /** + *Returns an EvaluationContext object.
Returns a ResourceDetails object.
The name of the query.
@@ -6015,6 +6178,25 @@ export interface GetStoredQueryResponse { StoredQuery?: StoredQuery; } +/** + *Using the same client token with one or more different parameters. Specify a new client token with the parameter changes and try again.
+ */ +export class IdempotentParameterMismatch extends __BaseException { + readonly name: "IdempotentParameterMismatch" = "IdempotentParameterMismatch"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeYour Amazon S3 bucket policy does not permit Config to * write to it.
@@ -6438,6 +6620,91 @@ export interface ListDiscoveredResourcesResponse { nextToken?: string; } +/** + *Filters evaluation results based on start and end times.
+ */ +export interface TimeWindow { + /** + *The start time of an execution.
+ */ + StartTime?: Date; + + /** + *The end time of an execution. The end time must be after the start date.
+ */ + EndTime?: Date; +} + +/** + *Returns details of a resource evaluation based on the selected filter.
+ */ +export interface ResourceEvaluationFilters { + /** + *Filters all resource evaluations results based on an evaluation mode. the valid value for this API is Proactive.
Returns a TimeWindow object.
Filters evaluations for a given infrastructure deployment. For example: CFN Stack.
+ */ + EvaluationContextIdentifier?: string; +} + +export interface ListResourceEvaluationsRequest { + /** + *Returns a ResourceEvaluationFilters object.
The maximum number of evaluations returned on each page. The default is 10. + * You cannot specify a number greater than 100. If you specify 0, Config uses the default.
+ */ + Limit?: number; + + /** + *The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
Returns details of a resource evaluation.
+ */ +export interface ResourceEvaluation { + /** + *The ResourceEvaluationId of a evaluation.
+ */ + ResourceEvaluationId?: string; + + /** + *The mode of an evaluation. The valid values are Detective or Proactive.
+ */ + EvaluationMode?: EvaluationMode | string; + + /** + *The starting time of an execution.
+ */ + EvaluationStartTimestamp?: Date; +} + +export interface ListResourceEvaluationsResponse { + /** + *Returns a ResourceEvaluations object.
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken string returned in a previous request that you use to request the next page of results in a paginated response.
@@ -6619,349 +6886,6 @@ export class MaxNumberOfConformancePacksExceededException extends __BaseExceptio } } -/** - *You have reached the limit of the number of delivery channels - * you can create.
- */ -export class MaxNumberOfDeliveryChannelsExceededException extends __BaseException { - readonly name: "MaxNumberOfDeliveryChannelsExceededException" = "MaxNumberOfDeliveryChannelsExceededException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeYou have reached the limit of the number of organization Config rules you can create. For more information, see see - * Service Limits - * in the Config Developer Guide.
- */ -export class MaxNumberOfOrganizationConfigRulesExceededException extends __BaseException { - readonly name: "MaxNumberOfOrganizationConfigRulesExceededException" = - "MaxNumberOfOrganizationConfigRulesExceededException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeYou have reached the limit of the number of organization conformance packs you can create in an account. For more information, see - * Service Limits - * in the Config Developer Guide.
- */ -export class MaxNumberOfOrganizationConformancePacksExceededException extends __BaseException { - readonly name: "MaxNumberOfOrganizationConformancePacksExceededException" = - "MaxNumberOfOrganizationConformancePacksExceededException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeFailed to add the retention configuration because a retention configuration with that name already exists.
- */ -export class MaxNumberOfRetentionConfigurationsExceededException extends __BaseException { - readonly name: "MaxNumberOfRetentionConfigurationsExceededException" = - "MaxNumberOfRetentionConfigurationsExceededException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeThere is no delivery channel available to record - * configurations.
- */ -export class NoAvailableDeliveryChannelException extends __BaseException { - readonly name: "NoAvailableDeliveryChannelException" = "NoAvailableDeliveryChannelException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeOrganization is no longer available.
- */ -export class NoAvailableOrganizationException extends __BaseException { - readonly name: "NoAvailableOrganizationException" = "NoAvailableOrganizationException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeThe specified Amazon S3 bucket does not exist.
- */ -export class NoSuchBucketException extends __BaseException { - readonly name: "NoSuchBucketException" = "NoSuchBucketException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeConfig resource cannot be created because your organization does not have all features enabled.
- */ -export class OrganizationAllFeaturesNotEnabledException extends __BaseException { - readonly name: "OrganizationAllFeaturesNotEnabledException" = "OrganizationAllFeaturesNotEnabledException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeYou have specified a template that is invalid or supported.
- */ -export class OrganizationConformancePackTemplateValidationException extends __BaseException { - readonly name: "OrganizationConformancePackTemplateValidationException" = - "OrganizationConformancePackTemplateValidationException"; - readonly $fault: "client" = "client"; - /** - * @internal - */ - constructor(opts: __ExceptionOptionTypeAn - * object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have - * debug logging enabled, and other custom rule metadata, such as resource type, resource - * ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
- */ -export interface OrganizationCustomPolicyRuleMetadata { - /** - *The description that you provide for your organization Config Custom Policy rule.
- */ - Description?: string; - - /** - *The type of notification that initiates Config to run an evaluation for a rule. - * For Config Custom Policy rules, Config supports change-initiated notification types:
- * - *
- * ConfigurationItemChangeNotification - Initiates an evaluation when Config delivers a configuration item as a result of a resource
- * change.
- * OversizedConfigurationItemChangeNotification - Initiates an evaluation when
- * Config delivers an oversized configuration item. Config may generate this notification type when a resource changes and the
- * notification exceeds the maximum size allowed by Amazon SNS.
A string, in JSON format, that is passed to your organization Config Custom Policy rule.
- */ - InputParameters?: string; - - /** - *The maximum frequency with which Config runs evaluations for a rule. Your - * Config Custom Policy rule is triggered when Config delivers - * the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.
- */ - MaximumExecutionFrequency?: MaximumExecutionFrequency | string; - - /** - *The type of the Amazon Web Services resource that was evaluated.
- */ - ResourceTypesScope?: string[]; - - /** - *The ID of the Amazon Web Services resource that was evaluated.
- */ - ResourceIdScope?: string; - - /** - *One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.
- */ - TagKeyScope?: string; - - /** - *The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
- */ - TagValueScope?: string; - - /** - *The runtime system for your organization Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the Guard GitHub - * Repository.
- */ - PolicyRuntime: string | undefined; - - /** - *The policy definition containing the logic for your organization Config Custom Policy rule.
- */ - PolicyText: string | undefined; - - /** - *A list of accounts that you can enable debug logging for your organization Config Custom Policy rule. List is null when debug logging is enabled for all accounts.
- */ - DebugLogDeliveryAccounts?: string[]; -} - -export interface PutAggregationAuthorizationRequest { - /** - *The 12-digit account ID of the account authorized to aggregate data.
- */ - AuthorizedAccountId: string | undefined; - - /** - *The region authorized to collect aggregated data.
- */ - AuthorizedAwsRegion: string | undefined; - - /** - *An array of tag object.
- */ - Tags?: Tag[]; -} - -export interface PutAggregationAuthorizationResponse { - /** - *Returns an AggregationAuthorization object. - * - *
- */ - AggregationAuthorization?: AggregationAuthorization; -} - -export interface PutConfigRuleRequest { - /** - *The rule that you want to add to your account.
- */ - ConfigRule: ConfigRule | undefined; - - /** - *An array of tag object.
- */ - Tags?: Tag[]; -} - -export interface PutConfigurationAggregatorRequest { - /** - *The name of the configuration aggregator.
- */ - ConfigurationAggregatorName: string | undefined; - - /** - *A list of AccountAggregationSource object. - * - *
- */ - AccountAggregationSources?: AccountAggregationSource[]; - - /** - *An OrganizationAggregationSource object.
- */ - OrganizationAggregationSource?: OrganizationAggregationSource; - - /** - *An array of tag object.
- */ - Tags?: Tag[]; -} - -export interface PutConfigurationAggregatorResponse { - /** - *Returns a ConfigurationAggregator object.
- */ - ConfigurationAggregator?: ConfigurationAggregator; -} - -/** - *The input for the PutConfigurationRecorder - * action.
- */ -export interface PutConfigurationRecorderRequest { - /** - *The configuration recorder object that records each - * configuration change made to the resources.
- */ - ConfigurationRecorder: ConfigurationRecorder | undefined; -} - /** * @internal */ @@ -7172,6 +7096,13 @@ export const ConfigExportDeliveryInfoFilterSensitiveLog = (obj: ConfigExportDeli ...obj, }); +/** + * @internal + */ +export const EvaluationModeConfigurationFilterSensitiveLog = (obj: EvaluationModeConfiguration): any => ({ + ...obj, +}); + /** * @internal */ @@ -7673,6 +7604,13 @@ export const DescribeConfigRuleEvaluationStatusResponseFilterSensitiveLog = ( ...obj, }); +/** + * @internal + */ +export const DescribeConfigRulesFiltersFilterSensitiveLog = (obj: DescribeConfigRulesFilters): any => ({ + ...obj, +}); + /** * @internal */ @@ -8138,6 +8076,13 @@ export const EvaluationFilterSensitiveLog = (obj: Evaluation): any => ({ ...obj, }); +/** + * @internal + */ +export const EvaluationContextFilterSensitiveLog = (obj: EvaluationContext): any => ({ + ...obj, +}); + /** * @internal */ @@ -8145,6 +8090,13 @@ export const EvaluationResultFilterSensitiveLog = (obj: EvaluationResult): any = ...obj, }); +/** + * @internal + */ +export const EvaluationStatusFilterSensitiveLog = (obj: EvaluationStatus): any => ({ + ...obj, +}); + /** * @internal */ @@ -8509,6 +8461,31 @@ export const GetResourceConfigHistoryResponseFilterSensitiveLog = (obj: GetResou ...obj, }); +/** + * @internal + */ +export const GetResourceEvaluationSummaryRequestFilterSensitiveLog = ( + obj: GetResourceEvaluationSummaryRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ResourceDetailsFilterSensitiveLog = (obj: ResourceDetails): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const GetResourceEvaluationSummaryResponseFilterSensitiveLog = ( + obj: GetResourceEvaluationSummaryResponse +): any => ({ + ...obj, +}); + /** * @internal */ @@ -8597,94 +8574,76 @@ export const ListDiscoveredResourcesResponseFilterSensitiveLog = (obj: ListDisco /** * @internal */ -export const ListStoredQueriesRequestFilterSensitiveLog = (obj: ListStoredQueriesRequest): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const StoredQueryMetadataFilterSensitiveLog = (obj: StoredQueryMetadata): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const ListStoredQueriesResponseFilterSensitiveLog = (obj: ListStoredQueriesResponse): any => ({ +export const TimeWindowFilterSensitiveLog = (obj: TimeWindow): any => ({ ...obj, }); /** * @internal */ -export const ListTagsForResourceRequestFilterSensitiveLog = (obj: ListTagsForResourceRequest): any => ({ +export const ResourceEvaluationFiltersFilterSensitiveLog = (obj: ResourceEvaluationFilters): any => ({ ...obj, }); /** * @internal */ -export const TagFilterSensitiveLog = (obj: Tag): any => ({ +export const ListResourceEvaluationsRequestFilterSensitiveLog = (obj: ListResourceEvaluationsRequest): any => ({ ...obj, }); /** * @internal */ -export const ListTagsForResourceResponseFilterSensitiveLog = (obj: ListTagsForResourceResponse): any => ({ +export const ResourceEvaluationFilterSensitiveLog = (obj: ResourceEvaluation): any => ({ ...obj, }); /** * @internal */ -export const OrganizationCustomPolicyRuleMetadataFilterSensitiveLog = ( - obj: OrganizationCustomPolicyRuleMetadata -): any => ({ +export const ListResourceEvaluationsResponseFilterSensitiveLog = (obj: ListResourceEvaluationsResponse): any => ({ ...obj, }); /** * @internal */ -export const PutAggregationAuthorizationRequestFilterSensitiveLog = (obj: PutAggregationAuthorizationRequest): any => ({ +export const ListStoredQueriesRequestFilterSensitiveLog = (obj: ListStoredQueriesRequest): any => ({ ...obj, }); /** * @internal */ -export const PutAggregationAuthorizationResponseFilterSensitiveLog = ( - obj: PutAggregationAuthorizationResponse -): any => ({ +export const StoredQueryMetadataFilterSensitiveLog = (obj: StoredQueryMetadata): any => ({ ...obj, }); /** * @internal */ -export const PutConfigRuleRequestFilterSensitiveLog = (obj: PutConfigRuleRequest): any => ({ +export const ListStoredQueriesResponseFilterSensitiveLog = (obj: ListStoredQueriesResponse): any => ({ ...obj, }); /** * @internal */ -export const PutConfigurationAggregatorRequestFilterSensitiveLog = (obj: PutConfigurationAggregatorRequest): any => ({ +export const ListTagsForResourceRequestFilterSensitiveLog = (obj: ListTagsForResourceRequest): any => ({ ...obj, }); /** * @internal */ -export const PutConfigurationAggregatorResponseFilterSensitiveLog = (obj: PutConfigurationAggregatorResponse): any => ({ +export const TagFilterSensitiveLog = (obj: Tag): any => ({ ...obj, }); /** * @internal */ -export const PutConfigurationRecorderRequestFilterSensitiveLog = (obj: PutConfigurationRecorderRequest): any => ({ +export const ListTagsForResourceResponseFilterSensitiveLog = (obj: ListTagsForResourceResponse): any => ({ ...obj, }); diff --git a/clients/client-config-service/src/models/models_1.ts b/clients/client-config-service/src/models/models_1.ts index 3b750cd34b6e..e640ee1f5ea2 100644 --- a/clients/client-config-service/src/models/models_1.ts +++ b/clients/client-config-service/src/models/models_1.ts @@ -3,18 +3,28 @@ import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-cl import { ConfigServiceServiceException as __BaseException } from "./ConfigServiceServiceException"; import { + AccountAggregationSource, + AggregationAuthorization, + ConfigRule, + ConfigurationAggregator, + ConfigurationRecorder, ConformancePackInputParameter, DeliveryChannel, Evaluation, + EvaluationContext, + EvaluationMode, ExternalEvaluation, FailedRemediationBatch, FailedRemediationExceptionBatch, FieldInfo, - OrganizationCustomPolicyRuleMetadata, + MaximumExecutionFrequency, + OrganizationAggregationSource, + OrganizationConfigRuleTriggerTypeNoSN, OrganizationCustomRuleMetadata, OrganizationManagedRuleMetadata, RemediationConfiguration, RemediationExceptionResourceKey, + ResourceDetails, ResourceKey, RetentionConfiguration, StoredQuery, @@ -22,6 +32,349 @@ import { TemplateSSMDocumentDetails, } from "./models_0"; +/** + *You have reached the limit of the number of delivery channels + * you can create.
+ */ +export class MaxNumberOfDeliveryChannelsExceededException extends __BaseException { + readonly name: "MaxNumberOfDeliveryChannelsExceededException" = "MaxNumberOfDeliveryChannelsExceededException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeYou have reached the limit of the number of organization Config rules you can create. For more information, see see + * Service Limits + * in the Config Developer Guide.
+ */ +export class MaxNumberOfOrganizationConfigRulesExceededException extends __BaseException { + readonly name: "MaxNumberOfOrganizationConfigRulesExceededException" = + "MaxNumberOfOrganizationConfigRulesExceededException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeYou have reached the limit of the number of organization conformance packs you can create in an account. For more information, see + * Service Limits + * in the Config Developer Guide.
+ */ +export class MaxNumberOfOrganizationConformancePacksExceededException extends __BaseException { + readonly name: "MaxNumberOfOrganizationConformancePacksExceededException" = + "MaxNumberOfOrganizationConformancePacksExceededException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeFailed to add the retention configuration because a retention configuration with that name already exists.
+ */ +export class MaxNumberOfRetentionConfigurationsExceededException extends __BaseException { + readonly name: "MaxNumberOfRetentionConfigurationsExceededException" = + "MaxNumberOfRetentionConfigurationsExceededException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeThere is no delivery channel available to record + * configurations.
+ */ +export class NoAvailableDeliveryChannelException extends __BaseException { + readonly name: "NoAvailableDeliveryChannelException" = "NoAvailableDeliveryChannelException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeOrganization is no longer available.
+ */ +export class NoAvailableOrganizationException extends __BaseException { + readonly name: "NoAvailableOrganizationException" = "NoAvailableOrganizationException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeThe specified Amazon S3 bucket does not exist.
+ */ +export class NoSuchBucketException extends __BaseException { + readonly name: "NoSuchBucketException" = "NoSuchBucketException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeConfig resource cannot be created because your organization does not have all features enabled.
+ */ +export class OrganizationAllFeaturesNotEnabledException extends __BaseException { + readonly name: "OrganizationAllFeaturesNotEnabledException" = "OrganizationAllFeaturesNotEnabledException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeYou have specified a template that is invalid or supported.
+ */ +export class OrganizationConformancePackTemplateValidationException extends __BaseException { + readonly name: "OrganizationConformancePackTemplateValidationException" = + "OrganizationConformancePackTemplateValidationException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeAn + * object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have + * debug logging enabled, and other custom rule metadata, such as resource type, resource + * ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
+ */ +export interface OrganizationCustomPolicyRuleMetadata { + /** + *The description that you provide for your organization Config Custom Policy rule.
+ */ + Description?: string; + + /** + *The type of notification that initiates Config to run an evaluation for a rule. + * For Config Custom Policy rules, Config supports change-initiated notification types:
+ * + *
+ * ConfigurationItemChangeNotification - Initiates an evaluation when Config delivers a configuration item as a result of a resource
+ * change.
+ * OversizedConfigurationItemChangeNotification - Initiates an evaluation when
+ * Config delivers an oversized configuration item. Config may generate this notification type when a resource changes and the
+ * notification exceeds the maximum size allowed by Amazon SNS.
A string, in JSON format, that is passed to your organization Config Custom Policy rule.
+ */ + InputParameters?: string; + + /** + *The maximum frequency with which Config runs evaluations for a rule. Your + * Config Custom Policy rule is triggered when Config delivers + * the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.
+ */ + MaximumExecutionFrequency?: MaximumExecutionFrequency | string; + + /** + *The type of the Amazon Web Services resource that was evaluated.
+ */ + ResourceTypesScope?: string[]; + + /** + *The ID of the Amazon Web Services resource that was evaluated.
+ */ + ResourceIdScope?: string; + + /** + *One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.
+ */ + TagKeyScope?: string; + + /** + *The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
+ */ + TagValueScope?: string; + + /** + *The runtime system for your organization Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the Guard GitHub + * Repository.
+ */ + PolicyRuntime: string | undefined; + + /** + *The policy definition containing the logic for your organization Config Custom Policy rule.
+ */ + PolicyText: string | undefined; + + /** + *A list of accounts that you can enable debug logging for your organization Config Custom Policy rule. List is null when debug logging is enabled for all accounts.
+ */ + DebugLogDeliveryAccounts?: string[]; +} + +export interface PutAggregationAuthorizationRequest { + /** + *The 12-digit account ID of the account authorized to aggregate data.
+ */ + AuthorizedAccountId: string | undefined; + + /** + *The region authorized to collect aggregated data.
+ */ + AuthorizedAwsRegion: string | undefined; + + /** + *An array of tag object.
+ */ + Tags?: Tag[]; +} + +export interface PutAggregationAuthorizationResponse { + /** + *Returns an AggregationAuthorization object. + * + *
+ */ + AggregationAuthorization?: AggregationAuthorization; +} + +export interface PutConfigRuleRequest { + /** + *The rule that you want to add to your account.
+ */ + ConfigRule: ConfigRule | undefined; + + /** + *An array of tag object.
+ */ + Tags?: Tag[]; +} + +export interface PutConfigurationAggregatorRequest { + /** + *The name of the configuration aggregator.
+ */ + ConfigurationAggregatorName: string | undefined; + + /** + *A list of AccountAggregationSource object. + * + *
+ */ + AccountAggregationSources?: AccountAggregationSource[]; + + /** + *An OrganizationAggregationSource object.
+ */ + OrganizationAggregationSource?: OrganizationAggregationSource; + + /** + *An array of tag object.
+ */ + Tags?: Tag[]; +} + +export interface PutConfigurationAggregatorResponse { + /** + *Returns a ConfigurationAggregator object.
+ */ + ConfigurationAggregator?: ConfigurationAggregator; +} + +/** + *The input for the PutConfigurationRecorder + * action.
+ */ +export interface PutConfigurationRecorderRequest { + /** + *The configuration recorder object that records each + * configuration change made to the resources.
+ */ + ConfigurationRecorder: ConfigurationRecorder | undefined; +} + export interface PutConformancePackRequest { /** *The unique name of the conformance pack you want to deploy.
@@ -555,6 +908,50 @@ export interface StartRemediationExecutionResponse { FailedItems?: ResourceKey[]; } +export interface StartResourceEvaluationRequest { + /** + *Returns a ResourceDetails object.
Returns an EvaluationContext object.
The mode of an evaluation. The valid value for this API is Proactive.
The timeout for an evaluation. The default is 900 seconds. You cannot specify a number greater than 3600. If you specify 0, Config uses the default.
+ */ + EvaluationTimeout?: number; + + /** + *A client token is a unique, case-sensitive string of up to 64 ASCII characters. + * To make an idempotent API request using one of these actions, specify a client token in the request.
+ *Avoid reusing the same client token for other API requests. If you retry + * a request that completed successfully using the same client token and the same + * parameters, the retry succeeds without performing any further actions. If you retry + * a successful request using the same client token, but one or more of the parameters + * are different, other than the Region or Availability Zone, the retry fails with an + * IdempotentParameterMismatch error.
+ *A + * unique ResourceEvaluationId that is associated with a single execution.
+ */ + ResourceEvaluationId?: string; +} + /** *The input for the StopConfigurationRecorder action.
*/ @@ -589,6 +986,59 @@ export interface UntagResourceRequest { TagKeys: string[] | undefined; } +/** + * @internal + */ +export const OrganizationCustomPolicyRuleMetadataFilterSensitiveLog = ( + obj: OrganizationCustomPolicyRuleMetadata +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutAggregationAuthorizationRequestFilterSensitiveLog = (obj: PutAggregationAuthorizationRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutAggregationAuthorizationResponseFilterSensitiveLog = ( + obj: PutAggregationAuthorizationResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutConfigRuleRequestFilterSensitiveLog = (obj: PutConfigRuleRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutConfigurationAggregatorRequestFilterSensitiveLog = (obj: PutConfigurationAggregatorRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutConfigurationAggregatorResponseFilterSensitiveLog = (obj: PutConfigurationAggregatorResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutConfigurationRecorderRequestFilterSensitiveLog = (obj: PutConfigurationRecorderRequest): any => ({ + ...obj, +}); + /** * @internal */ @@ -811,6 +1261,20 @@ export const StartRemediationExecutionResponseFilterSensitiveLog = (obj: StartRe ...obj, }); +/** + * @internal + */ +export const StartResourceEvaluationRequestFilterSensitiveLog = (obj: StartResourceEvaluationRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const StartResourceEvaluationResponseFilterSensitiveLog = (obj: StartResourceEvaluationResponse): any => ({ + ...obj, +}); + /** * @internal */ diff --git a/clients/client-config-service/src/pagination/ListResourceEvaluationsPaginator.ts b/clients/client-config-service/src/pagination/ListResourceEvaluationsPaginator.ts new file mode 100644 index 000000000000..fdf24ad592bc --- /dev/null +++ b/clients/client-config-service/src/pagination/ListResourceEvaluationsPaginator.ts @@ -0,0 +1,61 @@ +// smithy-typescript generated code +import { Paginator } from "@aws-sdk/types"; + +import { + ListResourceEvaluationsCommand, + ListResourceEvaluationsCommandInput, + ListResourceEvaluationsCommandOutput, +} from "../commands/ListResourceEvaluationsCommand"; +import { ConfigService } from "../ConfigService"; +import { ConfigServiceClient } from "../ConfigServiceClient"; +import { ConfigServicePaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: ConfigServiceClient, + input: ListResourceEvaluationsCommandInput, + ...args: any +): PromiseProvides aggregate compliance of the conformance pack. Indicates whether a conformance pack is compliant based on the name of the conformance pack, account ID, and region.
\n\t\tA conformance pack is compliant if all of the rules in a conformance packs are compliant. It is noncompliant if any of the rules are not compliant.\n\t\t\tThe compliance status of a conformance pack is INSUFFICIENT_DATA only if all rules within a conformance pack cannot be evaluated due to insufficient data.\n\t\t\tIf some of the rules in a conformance pack are compliant but the compliance status of other rules in that same conformance pack is INSUFFICIENT_DATA, the conformance pack shows compliant.
" + "smithy.api#documentation": "Provides aggregate compliance of the conformance pack. Indicates whether a conformance pack is compliant based on the name of the conformance pack, account ID, and region.
\n\t\tA conformance pack is compliant if all of the rules in a conformance packs are compliant. It is noncompliant if any of the rules are not compliant.\n\t\t\tThe compliance status of a conformance pack is INSUFFICIENT_DATA only if all rules within a conformance pack cannot be evaluated due to insufficient data.\n\t\t\tIf some of the rules in a conformance pack are compliant but the compliance status of other rules in that same conformance pack is INSUFFICIENT_DATA, the conformance pack shows \n\t\t\tcompliant.
" } }, "com.amazonaws.configservice#AggregateComplianceByConformancePackList": { @@ -895,6 +895,15 @@ } } }, + "com.amazonaws.configservice#ClientToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 64, + "max": 256 + } + } + }, "com.amazonaws.configservice#Compliance": { "type": "structure", "members": { @@ -1210,6 +1219,12 @@ "traits": { "smithy.api#documentation": "Service principal name of the service that created the\n\t\t\trule.
\n\t\tThe field is populated only if the service-linked rule is\n\t\t\t\tcreated by a service. The field is empty if you create your own\n\t\t\t\trule.
\n\t\tThe modes the Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.
" + } } }, "traits": { @@ -3330,7 +3345,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each conformance pack.\n\t\t\tAlso returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
\n\t\tThe results can return an empty result page, but if you have a nextToken, the results are displayed on the next page.
Returns a list of the conformance packs and their associated compliance status with the count of compliant and noncompliant Config rules within each \n\t\t\tconformance pack. Also returns the total rule count which includes compliant rules, noncompliant rules, and rules that cannot be evaluated due to insufficient data.
\n\t\tThe results can return an empty result page, but if you have a nextToken, the results are displayed on the next page.
The mode of an evaluation. The valid values are Detective or Proactive.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Returns a filtered list of Detective or Proactive Config rules. By default, if the filter is not defined, this API returns an unfiltered list.
" + } + }, "com.amazonaws.configservice#DescribeConfigRulesRequest": { "type": "structure", "members": { @@ -3725,6 +3757,12 @@ "traits": { "smithy.api#documentation": "The nextToken string returned on a previous page\n\t\t\tthat you use to get the next page of results in a paginated\n\t\t\tresponse.
Returns a list of Detecive or Proactive Config rules. By default, this API returns an unfiltered list.
" + } } }, "traits": { @@ -5003,6 +5041,66 @@ "smithy.api#documentation": "Identifies an Amazon Web Services resource and indicates whether it complies\n\t\t\twith the Config rule that it was evaluated against.
" } }, + "com.amazonaws.configservice#EvaluationContext": { + "type": "structure", + "members": { + "EvaluationContextIdentifier": { + "target": "com.amazonaws.configservice#EvaluationContextIdentifier", + "traits": { + "smithy.api#documentation": "A unique EvaluationContextIdentifier ID for an EvaluationContext.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Use EvaluationContext to group independently initiated proactive resource evaluations. For example, CFN Stack. \n\t\t\tIf you want to check just a resource definition, you do not need to provide evaluation context.
" + } + }, + "com.amazonaws.configservice#EvaluationContextIdentifier": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + } + } + }, + "com.amazonaws.configservice#EvaluationMode": { + "type": "enum", + "members": { + "DETECTIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DETECTIVE" + } + }, + "PROACTIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PROACTIVE" + } + } + } + }, + "com.amazonaws.configservice#EvaluationModeConfiguration": { + "type": "structure", + "members": { + "Mode": { + "target": "com.amazonaws.configservice#EvaluationMode", + "traits": { + "smithy.api#documentation": "The mode of an evaluation. The valid values are Detective or Proactive.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The configuration object for Config rule evaluation mode. The Supported valid values are Detective or Proactive.
" + } + }, + "com.amazonaws.configservice#EvaluationModes": { + "type": "list", + "member": { + "target": "com.amazonaws.configservice#EvaluationModeConfiguration" + } + }, "com.amazonaws.configservice#EvaluationResult": { "type": "structure", "members": { @@ -5061,6 +5159,12 @@ "traits": { "smithy.api#documentation": "The time of the event that triggered the evaluation of your Amazon Web Services\n\t\t\tresources. The time can indicate when Config delivered a\n\t\t\tconfiguration item change notification, or it can indicate when Config delivered the configuration snapshot, depending on which\n\t\t\tevent triggered the evaluation.
" } + }, + "ResourceEvaluationId": { + "target": "com.amazonaws.configservice#ResourceEvaluationId", + "traits": { + "smithy.api#documentation": "A Unique ID for an evaluation result.
" + } } }, "traits": { @@ -5087,6 +5191,12 @@ "traits": { "smithy.api#documentation": "The ID of the evaluated Amazon Web Services resource.
" } + }, + "EvaluationMode": { + "target": "com.amazonaws.configservice#EvaluationMode", + "traits": { + "smithy.api#documentation": "The mode of an evaluation. The valid values are Detective or Proactive.
" + } } }, "traits": { @@ -5099,6 +5209,37 @@ "target": "com.amazonaws.configservice#EvaluationResult" } }, + "com.amazonaws.configservice#EvaluationStatus": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.configservice#ResourceEvaluationStatus", + "traits": { + "smithy.api#documentation": "The status of an execution. The valid values are In_Progress, Succeeded or Failed.
", + "smithy.api#required": {} + } + }, + "FailureReason": { + "target": "com.amazonaws.configservice#StringWithCharLimit1024", + "traits": { + "smithy.api#documentation": "An explanation for failed execution status.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Returns status details of an evaluation.
" + } + }, + "com.amazonaws.configservice#EvaluationTimeout": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 0, + "max": 3600 + } + } + }, "com.amazonaws.configservice#Evaluations": { "type": "list", "member": { @@ -5835,7 +5976,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the evaluation results for the specified Amazon Web Services resource.\n\t\t\tThe results indicate which Config rules were used to evaluate\n\t\t\tthe resource, when each rule was last used, and whether the resource\n\t\t\tcomplies with each rule.
", + "smithy.api#documentation": "Returns the evaluation results for the specified Amazon Web Services resource.\n\t\t\tThe results indicate which Config rules were used to evaluate\n\t\t\tthe resource, when each rule was last invoked, and whether the resource\n\t\t\tcomplies with each rule.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -5849,15 +5990,13 @@ "ResourceType": { "target": "com.amazonaws.configservice#StringWithCharLimit256", "traits": { - "smithy.api#documentation": "The type of the Amazon Web Services resource for which you want compliance\n\t\t\tinformation.
", - "smithy.api#required": {} + "smithy.api#documentation": "The type of the Amazon Web Services resource for which you want compliance\n\t\t\tinformation.
" } }, "ResourceId": { "target": "com.amazonaws.configservice#BaseResourceId", "traits": { - "smithy.api#documentation": "The ID of the Amazon Web Services resource for which you want compliance\n\t\t\tinformation.
", - "smithy.api#required": {} + "smithy.api#documentation": "The ID of the Amazon Web Services resource for which you want compliance\n\t\t\tinformation.
" } }, "ComplianceTypes": { @@ -5871,6 +6010,12 @@ "traits": { "smithy.api#documentation": "The nextToken string returned on a previous page\n\t\t\tthat you use to get the next page of results in a paginated\n\t\t\tresponse.
The unique ID of Amazon Web Services resource execution for which you want to retrieve evaluation results.
\n\t\tYou need to only provide either a ResourceEvaluationID or a ResourceID and ResourceType.
The output for the GetResourceConfigHistory\n\t\t\taction.
" } }, + "com.amazonaws.configservice#GetResourceEvaluationSummary": { + "type": "operation", + "input": { + "target": "com.amazonaws.configservice#GetResourceEvaluationSummaryRequest" + }, + "output": { + "target": "com.amazonaws.configservice#GetResourceEvaluationSummaryResponse" + }, + "errors": [ + { + "target": "com.amazonaws.configservice#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "Returns a summary of resource evaluation for the specified resource evaluation ID from the proactive rules that were run. \n\t\t\tThe results indicate which evaluation context was used to evaluate the rules, which resource details were evaluated,\n\t\t\tthe evaluation mode that was run, and whether the resource details comply with the configuration of the proactive rules.
" + } + }, + "com.amazonaws.configservice#GetResourceEvaluationSummaryRequest": { + "type": "structure", + "members": { + "ResourceEvaluationId": { + "target": "com.amazonaws.configservice#ResourceEvaluationId", + "traits": { + "smithy.api#documentation": "The unique ResourceEvaluationId of Amazon Web Services resource execution for which you want to retrieve the evaluation summary.
The unique ResourceEvaluationId of Amazon Web Services resource execution for which you want to retrieve the evaluation summary.
Lists results of the mode that you requested to retrieve the resource evaluation summary. The valid values are Detective or Proactive.
" + } + }, + "EvaluationStatus": { + "target": "com.amazonaws.configservice#EvaluationStatus", + "traits": { + "smithy.api#documentation": "Returns an EvaluationStatus object.
The start timestamp when Config rule starts evaluating compliance for the provided resource details.
" + } + }, + "Compliance": { + "target": "com.amazonaws.configservice#ComplianceType", + "traits": { + "smithy.api#documentation": "The compliance status of the resource evaluation summary.
" + } + }, + "EvaluationContext": { + "target": "com.amazonaws.configservice#EvaluationContext", + "traits": { + "smithy.api#documentation": "Returns an EvaluationContext object.
Returns a ResourceDetails object.
Using the same client token with one or more different parameters. Specify a new client token with the parameter changes and try again.
", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + }, "com.amazonaws.configservice#IncludeGlobalResourceTypes": { "type": "boolean", "traits": { @@ -7200,6 +7434,86 @@ "smithy.api#documentation": "" } }, + "com.amazonaws.configservice#ListResourceEvaluations": { + "type": "operation", + "input": { + "target": "com.amazonaws.configservice#ListResourceEvaluationsRequest" + }, + "output": { + "target": "com.amazonaws.configservice#ListResourceEvaluationsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.configservice#InvalidNextTokenException" + }, + { + "target": "com.amazonaws.configservice#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.configservice#InvalidTimeRangeException" + } + ], + "traits": { + "smithy.api#documentation": "Returns a list of proactive resource evaluations.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "ResourceEvaluations", + "pageSize": "Limit" + } + } + }, + "com.amazonaws.configservice#ListResourceEvaluationsPageItemLimit": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 0, + "max": 100 + } + } + }, + "com.amazonaws.configservice#ListResourceEvaluationsRequest": { + "type": "structure", + "members": { + "Filters": { + "target": "com.amazonaws.configservice#ResourceEvaluationFilters", + "traits": { + "smithy.api#documentation": "Returns a ResourceEvaluationFilters object.
The maximum number of evaluations returned on each page. The default is 10. \n\t\t\tYou cannot specify a number greater than 100. If you specify 0, Config uses the default.
" + } + }, + "NextToken": { + "target": "com.amazonaws.configservice#String", + "traits": { + "smithy.api#documentation": "The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
Returns a ResourceEvaluations object.
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
A remediation exception is when a specific resource is no longer considered for auto-remediation. \n\t\t\tThis API adds a new exception or updates an existing exception for a specific resource with a specific Config rule.
\n\t\tConfig generates a remediation exception when a problem occurs executing a remediation action to a specific resource. \n\t\t\tRemediation exceptions blocks auto-remediation until the exception is cleared.
\nA remediation exception is when a specific resource is no longer considered for auto-remediation. \n\t\t\tThis API adds a new exception or updates an existing exception for a specific resource with a specific Config rule.
\n\t\tConfig generates a remediation exception when a problem occurs executing a remediation action to a specific resource. \n\t\t\tRemediation exceptions blocks auto-remediation until the exception is cleared.
\nTo place an exception on an Amazon Web Services resource, ensure remediation is set as manual remediation.
\nSpecifies the types of Amazon Web Services resource for which Config\n\t\t\trecords configuration changes.
\n\t\tIn the recording group, you specify whether all supported types\n\t\t\tor specific types of resources are recorded.
\n\t\tBy default, Config records configuration changes for all\n\t\t\tsupported types of regional resources that Config discovers in\n\t\t\tthe region in which it is running. Regional resources are tied to a\n\t\t\tregion and can be used only in that region. Examples of regional\n\t\t\tresources are EC2 instances and EBS volumes.
\n\t\tYou can also have Config record configuration changes for\n\t\t\tsupported types of global resources (for example, IAM resources).\n\t\t\tGlobal resources are not tied to an individual region and can be\n\t\t\tused in all regions.
\n\t\tThe configuration details for any global resource are the\n\t\t\t\tsame in all regions. If you customize Config in multiple\n\t\t\t\tregions to record global resources, it will create multiple\n\t\t\t\tconfiguration items each time a global resource changes: one\n\t\t\t\tconfiguration item for each region. These configuration items\n\t\t\t\twill contain identical data. To prevent duplicate configuration\n\t\t\t\titems, you should consider customizing Config in only one\n\t\t\t\tregion to record global resources, unless you want the\n\t\t\t\tconfiguration items to be available in multiple\n\t\t\t\tregions.
\n\t\tIf you don't want Config to record all resources, you can\n\t\t\tspecify which types of resources it will record with the\n\t\t\t\tresourceTypes parameter.
For a list of supported resource types, see Supported Resource Types.
\n\t\tFor more information, see Selecting Which Resources Config Records.
" + "smithy.api#documentation": "Specifies which Amazon Web Services resource types Config\n\t\t\trecords for configuration changes. In the recording group, you specify whether you want to record all supported resource types\n\t\t\tor only specific types of resources.
\n\t\t\n\t \tBy default, Config records the configuration changes for all supported types of\n\t\t\t\tregional resources that Config discovers in the region in which it is\n\t\t\t\trunning. Regional resources are tied to a region and can be used only in that region. Examples\n\t\t\t\tof regional resources are EC2 instances and EBS volumes.
\n\t\t\tYou can also have Config record supported types of global resources.\n\t\t\t\tGlobal resources are not tied to a specific region and can be used in all regions. The global\n\t\t\t\tresource types that Config supports include IAM users, groups, roles, and customer managed\n\t\t\t\tpolicies.
\n\t\t\n\t\tGlobal resource types onboarded to Config recording after February 2022 will only be\n\t\t\t\trecorded in the service's home region for the commercial partition and\n\t\t\t\tAmazon Web Services GovCloud (US) West for the GovCloud partition. You can view the Configuration Items for\n\t\t\t\tthese new global resource types only in their home region and Amazon Web Services GovCloud (US) West.
\n\t\t\t\n\t\t\tSupported global resource types onboarded before February 2022 such as\n\t\t\t\tAWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role,\n\t\t\t\tAWS::IAM::User remain unchanged, and they will continue to deliver\n\t\t\t\tConfiguration Items in all supported regions in Config. The change will only affect new global\n\t\t\t\tresource types onboarded after February 2022.
To record global resource types onboarded after February 2022,\n\t\t\t\tenable All Supported Resource Types in the home region of the global resource type you want to record.
\t\n\t\tIf you don't want Config to record all resources, you can\n\t\t\tspecify which types of resources it will record with the\n\t\t\t\tresourceTypes parameter.
For a list of supported resource types, see Supported Resource Types.
\n\t\tFor more information and a table of the Home Regions for Global Resource Types Onboarded after February 2022, see Selecting Which Resources Config Records.
" } }, "com.amazonaws.configservice#ReevaluateConfigRuleNames": { @@ -10392,6 +10706,26 @@ "smithy.api#error": "client" } }, + "com.amazonaws.configservice#ResourceConfiguration": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 51200 + } + } + }, + "com.amazonaws.configservice#ResourceConfigurationSchemaType": { + "type": "enum", + "members": { + "CFN_RESOURCE_SCHEMA": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CFN_RESOURCE_SCHEMA" + } + } + } + }, "com.amazonaws.configservice#ResourceCount": { "type": "structure", "members": { @@ -10474,25 +10808,150 @@ "com.amazonaws.configservice#ResourceDeletionTime": { "type": "timestamp" }, - "com.amazonaws.configservice#ResourceFilters": { + "com.amazonaws.configservice#ResourceDetails": { "type": "structure", "members": { - "AccountId": { - "target": "com.amazonaws.configservice#AccountId", + "ResourceId": { + "target": "com.amazonaws.configservice#BaseResourceId", "traits": { - "smithy.api#documentation": "The 12-digit source account ID.
" + "smithy.api#documentation": "A unique resource ID for an evaluation.
", + "smithy.api#required": {} } }, - "ResourceId": { - "target": "com.amazonaws.configservice#ResourceId", + "ResourceType": { + "target": "com.amazonaws.configservice#StringWithCharLimit256", "traits": { - "smithy.api#documentation": "The ID of the resource.
" + "smithy.api#documentation": "The type of resource being evaluated.
", + "smithy.api#required": {} } }, - "ResourceName": { - "target": "com.amazonaws.configservice#ResourceName", + "ResourceConfiguration": { + "target": "com.amazonaws.configservice#ResourceConfiguration", "traits": { - "smithy.api#documentation": "The name of the resource.
" + "smithy.api#documentation": "The resource definition to be evaluated as per the resource configuration schema type.
", + "smithy.api#required": {} + } + }, + "ResourceConfigurationSchemaType": { + "target": "com.amazonaws.configservice#ResourceConfigurationSchemaType", + "traits": { + "smithy.api#documentation": "The schema type of the resource configuration.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Returns information about the resource being evaluated.
" + } + }, + "com.amazonaws.configservice#ResourceEvaluation": { + "type": "structure", + "members": { + "ResourceEvaluationId": { + "target": "com.amazonaws.configservice#ResourceEvaluationId", + "traits": { + "smithy.api#documentation": "The ResourceEvaluationId of a evaluation.
" + } + }, + "EvaluationMode": { + "target": "com.amazonaws.configservice#EvaluationMode", + "traits": { + "smithy.api#documentation": "The mode of an evaluation. The valid values are Detective or Proactive.
" + } + }, + "EvaluationStartTimestamp": { + "target": "com.amazonaws.configservice#Date", + "traits": { + "smithy.api#documentation": "The starting time of an execution.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Returns details of a resource evaluation.
" + } + }, + "com.amazonaws.configservice#ResourceEvaluationFilters": { + "type": "structure", + "members": { + "EvaluationMode": { + "target": "com.amazonaws.configservice#EvaluationMode", + "traits": { + "smithy.api#documentation": "Filters all resource evaluations results based on an evaluation mode. the valid value for this API is Proactive.
Returns a TimeWindow object.
Filters evaluations for a given infrastructure deployment. For example: CFN Stack.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Returns details of a resource evaluation based on the selected filter.
" + } + }, + "com.amazonaws.configservice#ResourceEvaluationId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + } + } + }, + "com.amazonaws.configservice#ResourceEvaluationStatus": { + "type": "enum", + "members": { + "IN_PROGRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IN_PROGRESS" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED" + } + }, + "SUCCEEDED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SUCCEEDED" + } + } + } + }, + "com.amazonaws.configservice#ResourceEvaluations": { + "type": "list", + "member": { + "target": "com.amazonaws.configservice#ResourceEvaluation" + } + }, + "com.amazonaws.configservice#ResourceFilters": { + "type": "structure", + "members": { + "AccountId": { + "target": "com.amazonaws.configservice#AccountId", + "traits": { + "smithy.api#documentation": "The 12-digit source account ID.
" + } + }, + "ResourceId": { + "target": "com.amazonaws.configservice#ResourceId", + "traits": { + "smithy.api#documentation": "The ID of the resource.
" + } + }, + "ResourceName": { + "target": "com.amazonaws.configservice#ResourceName", + "traits": { + "smithy.api#documentation": "The name of the resource.
" } }, "Region": { @@ -12318,6 +12777,9 @@ { "target": "com.amazonaws.configservice#GetResourceConfigHistory" }, + { + "target": "com.amazonaws.configservice#GetResourceEvaluationSummary" + }, { "target": "com.amazonaws.configservice#GetStoredQuery" }, @@ -12330,6 +12792,9 @@ { "target": "com.amazonaws.configservice#ListDiscoveredResources" }, + { + "target": "com.amazonaws.configservice#ListResourceEvaluations" + }, { "target": "com.amazonaws.configservice#ListStoredQueries" }, @@ -12396,6 +12861,9 @@ { "target": "com.amazonaws.configservice#StartRemediationExecution" }, + { + "target": "com.amazonaws.configservice#StartResourceEvaluation" + }, { "target": "com.amazonaws.configservice#StopConfigurationRecorder" }, @@ -12773,9 +13241,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-south-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -12786,9 +13254,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-south-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -12799,9 +13267,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-south-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -12812,9 +13280,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-south-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -12825,9 +13293,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-south-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -12838,9 +13306,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-south-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -12851,9 +13319,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-south-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -12864,9 +13332,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-south-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -12877,9 +13345,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-south-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -12890,9 +13358,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-south-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -12903,9 +13371,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-south-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -12916,9 +13384,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-south-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -12929,9 +13397,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-south-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -12942,9 +13410,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-south-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -12955,9 +13423,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-south-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -12968,9 +13436,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-south-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -12981,9 +13449,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-gov-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -12994,9 +13462,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-gov-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13007,9 +13475,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-gov-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13020,9 +13488,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-gov-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13033,9 +13501,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "me-central-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13046,9 +13514,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "me-central-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13059,9 +13527,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "me-central-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13072,9 +13540,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "me-central-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13085,9 +13553,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ca-central-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13098,9 +13566,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ca-central-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13111,9 +13579,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ca-central-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13124,9 +13592,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ca-central-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13137,9 +13605,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-central-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13150,9 +13618,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-central-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13163,9 +13631,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-central-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13176,9 +13644,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-central-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13187,9 +13655,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-iso-west-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13200,9 +13668,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-iso-west-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13211,9 +13679,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-iso-west-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13224,9 +13692,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-iso-west-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13237,9 +13705,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-central-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13250,9 +13718,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-central-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13263,9 +13731,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-central-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13276,9 +13744,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-central-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13289,9 +13757,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-west-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13302,9 +13770,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-west-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13315,9 +13783,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-west-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13328,9 +13796,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-west-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13341,9 +13809,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-west-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13354,9 +13822,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-west-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13367,9 +13835,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-west-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13380,9 +13848,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-west-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13393,9 +13861,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "af-south-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13406,9 +13874,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "af-south-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13419,9 +13887,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "af-south-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13432,9 +13900,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "af-south-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13445,9 +13913,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-north-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13458,9 +13926,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-north-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13471,9 +13939,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-north-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13484,9 +13952,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-north-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13497,9 +13965,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-west-3", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13510,9 +13978,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-west-3", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13523,9 +13991,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-west-3", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13536,9 +14004,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-west-3", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13549,9 +14017,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-west-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13562,9 +14030,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-west-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13575,9 +14043,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-west-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13588,9 +14056,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-west-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13601,9 +14069,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "eu-west-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13614,9 +14082,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "eu-west-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13627,9 +14095,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "eu-west-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13640,9 +14108,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "eu-west-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13653,9 +14121,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-northeast-3", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13666,9 +14134,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-northeast-3", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13679,9 +14147,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-northeast-3", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13692,9 +14160,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-northeast-3", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13705,9 +14173,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-northeast-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13718,9 +14186,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-northeast-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13731,9 +14199,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-northeast-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13744,9 +14212,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-northeast-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13757,9 +14225,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-northeast-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13770,9 +14238,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-northeast-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13783,9 +14251,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-northeast-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13796,9 +14264,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-northeast-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13809,9 +14277,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "me-south-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13822,9 +14290,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "me-south-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13835,9 +14303,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "me-south-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13848,9 +14316,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "me-south-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13861,9 +14329,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "sa-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13874,9 +14342,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "sa-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13887,9 +14355,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "sa-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13900,9 +14368,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "sa-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13913,9 +14381,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13926,9 +14394,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13939,9 +14407,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -13952,9 +14420,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -13965,9 +14433,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "cn-north-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -13978,9 +14446,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "cn-north-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -13991,9 +14459,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "cn-north-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14004,9 +14472,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "cn-north-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14017,9 +14485,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-gov-west-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14030,9 +14498,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-gov-west-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14043,9 +14511,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-gov-west-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14056,9 +14524,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-gov-west-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14069,9 +14537,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-southeast-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14082,9 +14550,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-southeast-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14095,9 +14563,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-southeast-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14108,9 +14576,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-southeast-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14121,9 +14589,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-southeast-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14134,9 +14602,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-southeast-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14147,9 +14615,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-southeast-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14160,9 +14628,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-southeast-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14171,9 +14639,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-iso-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14184,9 +14652,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-iso-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14195,9 +14663,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-iso-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14208,9 +14676,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-iso-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14221,9 +14689,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "ap-southeast-3", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14234,9 +14702,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "ap-southeast-3", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14247,9 +14715,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "ap-southeast-3", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14260,9 +14728,61 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "ap-southeast-3", - "UseDualStack": false + "UseFIPS": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://config-fips.ap-southeast-4.api.aws" + } + }, + "params": { + "UseDualStack": true, + "Region": "ap-southeast-4", + "UseFIPS": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://config-fips.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "Region": "ap-southeast-4", + "UseFIPS": true + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://config.ap-southeast-4.api.aws" + } + }, + "params": { + "UseDualStack": true, + "Region": "ap-southeast-4", + "UseFIPS": false + } + }, + { + "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://config.ap-southeast-4.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "Region": "ap-southeast-4", + "UseFIPS": false } }, { @@ -14273,9 +14793,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14286,9 +14806,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14299,9 +14819,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14312,9 +14832,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14325,9 +14845,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-east-2", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14338,9 +14858,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-east-2", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14351,9 +14871,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-east-2", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14364,9 +14884,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-east-2", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14377,9 +14897,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "cn-northwest-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14390,9 +14910,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "cn-northwest-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14403,9 +14923,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "cn-northwest-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14416,9 +14936,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "cn-northwest-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14427,9 +14947,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseFIPS": true, + "UseDualStack": true, "Region": "us-isob-east-1", - "UseDualStack": true + "UseFIPS": true } }, { @@ -14440,9 +14960,9 @@ } }, "params": { - "UseFIPS": true, + "UseDualStack": false, "Region": "us-isob-east-1", - "UseDualStack": false + "UseFIPS": true } }, { @@ -14451,9 +14971,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseFIPS": false, + "UseDualStack": true, "Region": "us-isob-east-1", - "UseDualStack": true + "UseFIPS": false } }, { @@ -14464,9 +14984,9 @@ } }, "params": { - "UseFIPS": false, + "UseDualStack": false, "Region": "us-isob-east-1", - "UseDualStack": false + "UseFIPS": false } }, { @@ -14477,9 +14997,9 @@ } }, "params": { - "UseFIPS": false, - "Region": "us-east-1", "UseDualStack": false, + "Region": "us-east-1", + "UseFIPS": false, "Endpoint": "https://example.com" } }, @@ -14489,9 +15009,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseFIPS": true, - "Region": "us-east-1", "UseDualStack": false, + "Region": "us-east-1", + "UseFIPS": true, "Endpoint": "https://example.com" } }, @@ -14501,9 +15021,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseFIPS": false, - "Region": "us-east-1", "UseDualStack": true, + "Region": "us-east-1", + "UseFIPS": false, "Endpoint": "https://example.com" } } @@ -14653,6 +15173,75 @@ } } }, + "com.amazonaws.configservice#StartResourceEvaluation": { + "type": "operation", + "input": { + "target": "com.amazonaws.configservice#StartResourceEvaluationRequest" + }, + "output": { + "target": "com.amazonaws.configservice#StartResourceEvaluationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.configservice#IdempotentParameterMismatch" + }, + { + "target": "com.amazonaws.configservice#InvalidParameterValueException" + } + ], + "traits": { + "smithy.api#documentation": "Runs an on-demand evaluation for the specified resource to determine whether the resource details will comply with configured Config rules.\n\t\t\tYou can also use it for evaluation purposes. Config recommends using an evaluation context. It runs an execution against the resource details with all\n\t\t\tof the Config rules in your account that match with the specified proactive mode and resource type.
\n\t\t\n\t\tEnsure you have the cloudformation:DescribeType role setup to validate the resource type schema.\n\t\t
Returns a ResourceDetails object.
Returns an EvaluationContext object.
The mode of an evaluation. The valid value for this API is Proactive.
The timeout for an evaluation. The default is 900 seconds. You cannot specify a number greater than 3600. If you specify 0, Config uses the default.
" + } + }, + "ClientToken": { + "target": "com.amazonaws.configservice#ClientToken", + "traits": { + "smithy.api#documentation": "A client token is a unique, case-sensitive string of up to 64 ASCII characters. \n\t\t\tTo make an idempotent API request using one of these actions, specify a client token in the request.
\n\t\tAvoid reusing the same client token for other API requests. If you retry\n\t\t\t\ta request that completed successfully using the same client token and the same\n\t\t\t\tparameters, the retry succeeds without performing any further actions. If you retry\n\t\t\t\ta successful request using the same client token, but one or more of the parameters\n\t\t\t\tare different, other than the Region or Availability Zone, the retry fails with an\n\t\t\t\tIdempotentParameterMismatch error.
\nA\n\t\t\tunique ResourceEvaluationId that is associated with a single execution.
" + } + } + } + }, "com.amazonaws.configservice#StaticParameterValues": { "type": "list", "member": { @@ -15058,6 +15647,26 @@ "smithy.api#documentation": "This API allows you to create a conformance pack template with an Amazon Web Services Systems Manager document (SSM document). \n\t\t\tTo deploy a conformance pack using an SSM document, first create an SSM document with conformance pack content, and then provide the DocumentName in the PutConformancePack API. You can also provide the DocumentVersion.
The TemplateSSMDocumentDetails object contains the name of the SSM document and the version of the SSM document.
The start time of an execution.
" + } + }, + "EndTime": { + "target": "com.amazonaws.configservice#Date", + "traits": { + "smithy.api#documentation": "The end time of an execution. The end time must be after the start date.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Filters evaluation results based on start and end times.
" + } + }, "com.amazonaws.configservice#TooManyTagsException": { "type": "structure", "members": { @@ -15140,4 +15749,4 @@ "type": "string" } } -} \ No newline at end of file +}