aws-sdk-configservice 1.0.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,7 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
@@ -0,0 +1,23 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module ConfigService
10
+ module Errors
11
+
12
+ extend Aws::Errors::DynamicErrors
13
+
14
+ # Raised when calling #load or #data on a resource class that can not be
15
+ # loaded. This can happen when:
16
+ #
17
+ # * A resource class has identifiers, but no data attributes.
18
+ # * Resource data is only available when making an API call that
19
+ # enumerates all resources of that type.
20
+ class ResourceNotLoadable < RuntimeError; end
21
+ end
22
+ end
23
+ end
@@ -0,0 +1,25 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module ConfigService
10
+ class Resource
11
+
12
+ # @param options ({})
13
+ # @option options [Client] :client
14
+ def initialize(options = {})
15
+ @client = options[:client] || Client.new(options)
16
+ end
17
+
18
+ # @return [Client]
19
+ def client
20
+ @client
21
+ end
22
+
23
+ end
24
+ end
25
+ end
@@ -0,0 +1,2100 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module ConfigService
10
+ module Types
11
+
12
+ # Indicates whether an AWS resource or AWS Config rule is compliant and
13
+ # provides the number of contributors that affect the compliance.
14
+ # @!attribute [rw] compliance_type
15
+ # Indicates whether an AWS resource or AWS Config rule is compliant.
16
+ #
17
+ # A resource is compliant if it complies with all of the AWS Config
18
+ # rules that evaluate it, and it is noncompliant if it does not comply
19
+ # with one or more of these rules.
20
+ #
21
+ # A rule is compliant if all of the resources that the rule evaluates
22
+ # comply with it, and it is noncompliant if any of these resources do
23
+ # not comply.
24
+ #
25
+ # AWS Config returns the `INSUFFICIENT_DATA` value when no evaluation
26
+ # results are available for the AWS resource or Config rule.
27
+ #
28
+ # For the `Compliance` data type, AWS Config supports only
29
+ # `COMPLIANT`, `NON_COMPLIANT`, and `INSUFFICIENT_DATA` values. AWS
30
+ # Config does not support the `NOT_APPLICABLE` value for the
31
+ # `Compliance` data type.
32
+ # @return [String]
33
+ #
34
+ # @!attribute [rw] compliance_contributor_count
35
+ # The number of AWS resources or AWS Config rules that cause a result
36
+ # of `NON_COMPLIANT`, up to a maximum number.
37
+ # @return [Types::ComplianceContributorCount]
38
+ class Compliance < Struct.new(
39
+ :compliance_type,
40
+ :compliance_contributor_count)
41
+ include Aws::Structure
42
+ end
43
+
44
+ # Indicates whether an AWS Config rule is compliant. A rule is compliant
45
+ # if all of the resources that the rule evaluated comply with it, and it
46
+ # is noncompliant if any of these resources do not comply.
47
+ # @!attribute [rw] config_rule_name
48
+ # The name of the AWS Config rule.
49
+ # @return [String]
50
+ #
51
+ # @!attribute [rw] compliance
52
+ # Indicates whether the AWS Config rule is compliant.
53
+ # @return [Types::Compliance]
54
+ class ComplianceByConfigRule < Struct.new(
55
+ :config_rule_name,
56
+ :compliance)
57
+ include Aws::Structure
58
+ end
59
+
60
+ # Indicates whether an AWS resource that is evaluated according to one
61
+ # or more AWS Config rules is compliant. A resource is compliant if it
62
+ # complies with all of the rules that evaluate it, and it is
63
+ # noncompliant if it does not comply with one or more of these rules.
64
+ # @!attribute [rw] resource_type
65
+ # The type of the AWS resource that was evaluated.
66
+ # @return [String]
67
+ #
68
+ # @!attribute [rw] resource_id
69
+ # The ID of the AWS resource that was evaluated.
70
+ # @return [String]
71
+ #
72
+ # @!attribute [rw] compliance
73
+ # Indicates whether the AWS resource complies with all of the AWS
74
+ # Config rules that evaluated it.
75
+ # @return [Types::Compliance]
76
+ class ComplianceByResource < Struct.new(
77
+ :resource_type,
78
+ :resource_id,
79
+ :compliance)
80
+ include Aws::Structure
81
+ end
82
+
83
+ # The number of AWS resources or AWS Config rules responsible for the
84
+ # current compliance of the item, up to a maximum number.
85
+ # @!attribute [rw] capped_count
86
+ # The number of AWS resources or AWS Config rules responsible for the
87
+ # current compliance of the item.
88
+ # @return [Integer]
89
+ #
90
+ # @!attribute [rw] cap_exceeded
91
+ # Indicates whether the maximum count is reached.
92
+ # @return [Boolean]
93
+ class ComplianceContributorCount < Struct.new(
94
+ :capped_count,
95
+ :cap_exceeded)
96
+ include Aws::Structure
97
+ end
98
+
99
+ # The number of AWS Config rules or AWS resources that are compliant and
100
+ # noncompliant, up to a maximum.
101
+ # @!attribute [rw] compliant_resource_count
102
+ # The number of AWS Config rules or AWS resources that are compliant,
103
+ # up to a maximum of 25 for rules and 100 for resources.
104
+ # @return [Types::ComplianceContributorCount]
105
+ #
106
+ # @!attribute [rw] non_compliant_resource_count
107
+ # The number of AWS Config rules or AWS resources that are
108
+ # noncompliant, up to a maximum of 25 for rules and 100 for resources.
109
+ # @return [Types::ComplianceContributorCount]
110
+ #
111
+ # @!attribute [rw] compliance_summary_timestamp
112
+ # The time that AWS Config created the compliance summary.
113
+ # @return [Time]
114
+ class ComplianceSummary < Struct.new(
115
+ :compliant_resource_count,
116
+ :non_compliant_resource_count,
117
+ :compliance_summary_timestamp)
118
+ include Aws::Structure
119
+ end
120
+
121
+ # The number of AWS resources of a specific type that are compliant or
122
+ # noncompliant, up to a maximum of 100 for each compliance.
123
+ # @!attribute [rw] resource_type
124
+ # The type of AWS resource.
125
+ # @return [String]
126
+ #
127
+ # @!attribute [rw] compliance_summary
128
+ # The number of AWS resources that are compliant or noncompliant, up
129
+ # to a maximum of 100 for each compliance.
130
+ # @return [Types::ComplianceSummary]
131
+ class ComplianceSummaryByResourceType < Struct.new(
132
+ :resource_type,
133
+ :compliance_summary)
134
+ include Aws::Structure
135
+ end
136
+
137
+ # A list that contains the status of the delivery of either the snapshot
138
+ # or the configuration history to the specified Amazon S3 bucket.
139
+ # @!attribute [rw] last_status
140
+ # Status of the last attempted delivery.
141
+ # @return [String]
142
+ #
143
+ # @!attribute [rw] last_error_code
144
+ # The error code from the last attempted delivery.
145
+ # @return [String]
146
+ #
147
+ # @!attribute [rw] last_error_message
148
+ # The error message from the last attempted delivery.
149
+ # @return [String]
150
+ #
151
+ # @!attribute [rw] last_attempt_time
152
+ # The time of the last attempted delivery.
153
+ # @return [Time]
154
+ #
155
+ # @!attribute [rw] last_successful_time
156
+ # The time of the last successful delivery.
157
+ # @return [Time]
158
+ #
159
+ # @!attribute [rw] next_delivery_time
160
+ # The time that the next delivery occurs.
161
+ # @return [Time]
162
+ class ConfigExportDeliveryInfo < Struct.new(
163
+ :last_status,
164
+ :last_error_code,
165
+ :last_error_message,
166
+ :last_attempt_time,
167
+ :last_successful_time,
168
+ :next_delivery_time)
169
+ include Aws::Structure
170
+ end
171
+
172
+ # An AWS Config rule represents an AWS Lambda function that you create
173
+ # for a custom rule or a predefined function for an AWS managed rule.
174
+ # The function evaluates configuration items to assess whether your AWS
175
+ # resources comply with your desired configurations. This function can
176
+ # run when AWS Config detects a configuration change to an AWS resource
177
+ # and at a periodic frequency that you choose (for example, every 24
178
+ # hours).
179
+ #
180
+ # <note markdown="1"> You can use the AWS CLI and AWS SDKs if you want to create a rule that
181
+ # triggers evaluations for your resources when AWS Config delivers the
182
+ # configuration snapshot. For more information, see
183
+ # ConfigSnapshotDeliveryProperties.
184
+ #
185
+ # </note>
186
+ #
187
+ # For more information about developing and using AWS Config rules, see
188
+ # [Evaluating AWS Resource Configurations with AWS Config][1] in the
189
+ # *AWS Config Developer Guide*.
190
+ #
191
+ #
192
+ #
193
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html
194
+ # @note When making an API call, pass ConfigRule
195
+ # data as a hash:
196
+ #
197
+ # {
198
+ # config_rule_name: "StringWithCharLimit64",
199
+ # config_rule_arn: "String",
200
+ # config_rule_id: "String",
201
+ # description: "EmptiableStringWithCharLimit256",
202
+ # scope: {
203
+ # compliance_resource_types: ["StringWithCharLimit256"],
204
+ # tag_key: "StringWithCharLimit128",
205
+ # tag_value: "StringWithCharLimit256",
206
+ # compliance_resource_id: "StringWithCharLimit256",
207
+ # },
208
+ # source: { # required
209
+ # owner: "CUSTOM_LAMBDA", # accepts CUSTOM_LAMBDA, AWS
210
+ # source_identifier: "StringWithCharLimit256",
211
+ # source_details: [
212
+ # {
213
+ # event_source: "aws.config", # accepts aws.config
214
+ # message_type: "ConfigurationItemChangeNotification", # accepts ConfigurationItemChangeNotification, ConfigurationSnapshotDeliveryCompleted, ScheduledNotification
215
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
216
+ # },
217
+ # ],
218
+ # },
219
+ # input_parameters: "StringWithCharLimit256",
220
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
221
+ # config_rule_state: "ACTIVE", # accepts ACTIVE, DELETING, DELETING_RESULTS, EVALUATING
222
+ # }
223
+ # @!attribute [rw] config_rule_name
224
+ # The name that you assign to the AWS Config rule. The name is
225
+ # required if you are adding a new rule.
226
+ # @return [String]
227
+ #
228
+ # @!attribute [rw] config_rule_arn
229
+ # The Amazon Resource Name (ARN) of the AWS Config rule.
230
+ # @return [String]
231
+ #
232
+ # @!attribute [rw] config_rule_id
233
+ # The ID of the AWS Config rule.
234
+ # @return [String]
235
+ #
236
+ # @!attribute [rw] description
237
+ # The description that you provide for the AWS Config rule.
238
+ # @return [String]
239
+ #
240
+ # @!attribute [rw] scope
241
+ # Defines which resources can trigger an evaluation for the rule. The
242
+ # scope can include one or more resource types, a combination of one
243
+ # resource type and one resource ID, or a combination of a tag key and
244
+ # value. Specify a scope to constrain the resources that can trigger
245
+ # an evaluation for the rule. If you do not specify a scope,
246
+ # evaluations are triggered when any resource in the recording group
247
+ # changes.
248
+ # @return [Types::Scope]
249
+ #
250
+ # @!attribute [rw] source
251
+ # Provides the rule owner (AWS or customer), the rule identifier, and
252
+ # the notifications that cause the function to evaluate your AWS
253
+ # resources.
254
+ # @return [Types::Source]
255
+ #
256
+ # @!attribute [rw] input_parameters
257
+ # A string in JSON format that is passed to the AWS Config rule Lambda
258
+ # function.
259
+ # @return [String]
260
+ #
261
+ # @!attribute [rw] maximum_execution_frequency
262
+ # The maximum frequency with which AWS Config runs evaluations for a
263
+ # rule. You can specify a value for `MaximumExecutionFrequency` when:
264
+ #
265
+ # * You are using an AWS managed rule that is triggered at a periodic
266
+ # frequency.
267
+ #
268
+ # * Your custom rule is triggered when AWS Config delivers the
269
+ # configuration snapshot.
270
+ #
271
+ # For more information, see ConfigSnapshotDeliveryProperties.
272
+ # @return [String]
273
+ #
274
+ # @!attribute [rw] config_rule_state
275
+ # Indicates whether the AWS Config rule is active or is currently
276
+ # being deleted by AWS Config. It can also indicate the evaluation
277
+ # status for the Config rule.
278
+ #
279
+ # AWS Config sets the state of the rule to `EVALUATING` temporarily
280
+ # after you use the `StartConfigRulesEvaluation` request to evaluate
281
+ # your resources against the Config rule.
282
+ #
283
+ # AWS Config sets the state of the rule to `DELETING_RESULTS`
284
+ # temporarily after you use the `DeleteEvaluationResults` request to
285
+ # delete the current evaluation results for the Config rule.
286
+ #
287
+ # AWS Config sets the state of a rule to `DELETING` temporarily after
288
+ # you use the `DeleteConfigRule` request to delete the rule. After AWS
289
+ # Config deletes the rule, the rule and all of its evaluations are
290
+ # erased and are no longer available.
291
+ # @return [String]
292
+ class ConfigRule < Struct.new(
293
+ :config_rule_name,
294
+ :config_rule_arn,
295
+ :config_rule_id,
296
+ :description,
297
+ :scope,
298
+ :source,
299
+ :input_parameters,
300
+ :maximum_execution_frequency,
301
+ :config_rule_state)
302
+ include Aws::Structure
303
+ end
304
+
305
+ # Status information for your AWS managed Config rules. The status
306
+ # includes information such as the last time the rule ran, the last time
307
+ # it failed, and the related error for the last failure.
308
+ #
309
+ # This action does not return status information about custom Config
310
+ # rules.
311
+ # @!attribute [rw] config_rule_name
312
+ # The name of the AWS Config rule.
313
+ # @return [String]
314
+ #
315
+ # @!attribute [rw] config_rule_arn
316
+ # The Amazon Resource Name (ARN) of the AWS Config rule.
317
+ # @return [String]
318
+ #
319
+ # @!attribute [rw] config_rule_id
320
+ # The ID of the AWS Config rule.
321
+ # @return [String]
322
+ #
323
+ # @!attribute [rw] last_successful_invocation_time
324
+ # The time that AWS Config last successfully invoked the AWS Config
325
+ # rule to evaluate your AWS resources.
326
+ # @return [Time]
327
+ #
328
+ # @!attribute [rw] last_failed_invocation_time
329
+ # The time that AWS Config last failed to invoke the AWS Config rule
330
+ # to evaluate your AWS resources.
331
+ # @return [Time]
332
+ #
333
+ # @!attribute [rw] last_successful_evaluation_time
334
+ # The time that AWS Config last successfully evaluated your AWS
335
+ # resources against the rule.
336
+ # @return [Time]
337
+ #
338
+ # @!attribute [rw] last_failed_evaluation_time
339
+ # The time that AWS Config last failed to evaluate your AWS resources
340
+ # against the rule.
341
+ # @return [Time]
342
+ #
343
+ # @!attribute [rw] first_activated_time
344
+ # The time that you first activated the AWS Config rule.
345
+ # @return [Time]
346
+ #
347
+ # @!attribute [rw] last_error_code
348
+ # The error code that AWS Config returned when the rule last failed.
349
+ # @return [String]
350
+ #
351
+ # @!attribute [rw] last_error_message
352
+ # The error message that AWS Config returned when the rule last
353
+ # failed.
354
+ # @return [String]
355
+ #
356
+ # @!attribute [rw] first_evaluation_started
357
+ # Indicates whether AWS Config has evaluated your resources against
358
+ # the rule at least once.
359
+ #
360
+ # * `true` - AWS Config has evaluated your AWS resources against the
361
+ # rule at least once.
362
+ #
363
+ # * `false` - AWS Config has not once finished evaluating your AWS
364
+ # resources against the rule.
365
+ # @return [Boolean]
366
+ class ConfigRuleEvaluationStatus < Struct.new(
367
+ :config_rule_name,
368
+ :config_rule_arn,
369
+ :config_rule_id,
370
+ :last_successful_invocation_time,
371
+ :last_failed_invocation_time,
372
+ :last_successful_evaluation_time,
373
+ :last_failed_evaluation_time,
374
+ :first_activated_time,
375
+ :last_error_code,
376
+ :last_error_message,
377
+ :first_evaluation_started)
378
+ include Aws::Structure
379
+ end
380
+
381
+ # Provides options for how often AWS Config delivers configuration
382
+ # snapshots to the Amazon S3 bucket in your delivery channel.
383
+ #
384
+ # <note markdown="1"> If you want to create a rule that triggers evaluations for your
385
+ # resources when AWS Config delivers the configuration snapshot, see the
386
+ # following:
387
+ #
388
+ # </note>
389
+ #
390
+ # The frequency for a rule that triggers evaluations for your resources
391
+ # when AWS Config delivers the configuration snapshot is set by one of
392
+ # two values, depending on which is less frequent:
393
+ #
394
+ # * The value for the `deliveryFrequency` parameter within the delivery
395
+ # channel configuration, which sets how often AWS Config delivers
396
+ # configuration snapshots. This value also sets how often AWS Config
397
+ # invokes evaluations for Config rules.
398
+ #
399
+ # * The value for the `MaximumExecutionFrequency` parameter, which sets
400
+ # the maximum frequency with which AWS Config invokes evaluations for
401
+ # the rule. For more information, see ConfigRule.
402
+ #
403
+ # If the `deliveryFrequency` value is less frequent than the
404
+ # `MaximumExecutionFrequency` value for a rule, AWS Config invokes the
405
+ # rule only as often as the `deliveryFrequency` value.
406
+ #
407
+ # 1. For example, you want your rule to run evaluations when AWS Config
408
+ # delivers the configuration snapshot.
409
+ #
410
+ # 2. You specify the `MaximumExecutionFrequency` value for `Six_Hours`.
411
+ #
412
+ # 3. You then specify the delivery channel `deliveryFrequency` value
413
+ # for `TwentyFour_Hours`.
414
+ #
415
+ # 4. Because the value for `deliveryFrequency` is less frequent than
416
+ # `MaximumExecutionFrequency`, AWS Config invokes evaluations for
417
+ # the rule every 24 hours.
418
+ #
419
+ # You should set the `MaximumExecutionFrequency` value to be at least as
420
+ # frequent as the `deliveryFrequency` value. You can view the
421
+ # `deliveryFrequency` value by using the `DescribeDeliveryChannnels`
422
+ # action.
423
+ #
424
+ # To update the `deliveryFrequency` with which AWS Config delivers your
425
+ # configuration snapshots, use the `PutDeliveryChannel` action.
426
+ # @note When making an API call, pass ConfigSnapshotDeliveryProperties
427
+ # data as a hash:
428
+ #
429
+ # {
430
+ # delivery_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
431
+ # }
432
+ # @!attribute [rw] delivery_frequency
433
+ # The frequency with which AWS Config delivers configuration
434
+ # snapshots.
435
+ # @return [String]
436
+ class ConfigSnapshotDeliveryProperties < Struct.new(
437
+ :delivery_frequency)
438
+ include Aws::Structure
439
+ end
440
+
441
+ # A list that contains the status of the delivery of the configuration
442
+ # stream notification to the Amazon SNS topic.
443
+ # @!attribute [rw] last_status
444
+ # Status of the last attempted delivery.
445
+ #
446
+ # **Note** Providing an SNS topic on a [DeliveryChannel][1] for AWS
447
+ # Config is optional. If the SNS delivery is turned off, the last
448
+ # status will be **Not\_Applicable**.
449
+ #
450
+ #
451
+ #
452
+ # [1]: http://docs.aws.amazon.com/config/latest/APIReference/API_DeliveryChannel.html
453
+ # @return [String]
454
+ #
455
+ # @!attribute [rw] last_error_code
456
+ # The error code from the last attempted delivery.
457
+ # @return [String]
458
+ #
459
+ # @!attribute [rw] last_error_message
460
+ # The error message from the last attempted delivery.
461
+ # @return [String]
462
+ #
463
+ # @!attribute [rw] last_status_change_time
464
+ # The time from the last status change.
465
+ # @return [Time]
466
+ class ConfigStreamDeliveryInfo < Struct.new(
467
+ :last_status,
468
+ :last_error_code,
469
+ :last_error_message,
470
+ :last_status_change_time)
471
+ include Aws::Structure
472
+ end
473
+
474
+ # A list that contains detailed configurations of a specified resource.
475
+ #
476
+ # <note markdown="1"> Currently, the list does not contain information about non-AWS
477
+ # components (for example, applications on your Amazon EC2 instances).
478
+ #
479
+ # </note>
480
+ # @!attribute [rw] version
481
+ # The version number of the resource configuration.
482
+ # @return [String]
483
+ #
484
+ # @!attribute [rw] account_id
485
+ # The 12 digit AWS account ID associated with the resource.
486
+ # @return [String]
487
+ #
488
+ # @!attribute [rw] configuration_item_capture_time
489
+ # The time when the configuration recording was initiated.
490
+ # @return [Time]
491
+ #
492
+ # @!attribute [rw] configuration_item_status
493
+ # The configuration item status.
494
+ # @return [String]
495
+ #
496
+ # @!attribute [rw] configuration_state_id
497
+ # An identifier that indicates the ordering of the configuration items
498
+ # of a resource.
499
+ # @return [String]
500
+ #
501
+ # @!attribute [rw] configuration_item_md5_hash
502
+ # Unique MD5 hash that represents the configuration item's state.
503
+ #
504
+ # You can use MD5 hash to compare the states of two or more
505
+ # configuration items that are associated with the same resource.
506
+ # @return [String]
507
+ #
508
+ # @!attribute [rw] arn
509
+ # The Amazon Resource Name (ARN) of the resource.
510
+ # @return [String]
511
+ #
512
+ # @!attribute [rw] resource_type
513
+ # The type of AWS resource.
514
+ # @return [String]
515
+ #
516
+ # @!attribute [rw] resource_id
517
+ # The ID of the resource (for example., `sg-xxxxxx`).
518
+ # @return [String]
519
+ #
520
+ # @!attribute [rw] resource_name
521
+ # The custom name of the resource, if available.
522
+ # @return [String]
523
+ #
524
+ # @!attribute [rw] aws_region
525
+ # The region where the resource resides.
526
+ # @return [String]
527
+ #
528
+ # @!attribute [rw] availability_zone
529
+ # The Availability Zone associated with the resource.
530
+ # @return [String]
531
+ #
532
+ # @!attribute [rw] resource_creation_time
533
+ # The time stamp when the resource was created.
534
+ # @return [Time]
535
+ #
536
+ # @!attribute [rw] tags
537
+ # A mapping of key value tags associated with the resource.
538
+ # @return [Hash<String,String>]
539
+ #
540
+ # @!attribute [rw] related_events
541
+ # A list of CloudTrail event IDs.
542
+ #
543
+ # A populated field indicates that the current configuration was
544
+ # initiated by the events recorded in the CloudTrail log. For more
545
+ # information about CloudTrail, see [What is AWS CloudTrail?][1].
546
+ #
547
+ # An empty field indicates that the current configuration was not
548
+ # initiated by any event.
549
+ #
550
+ #
551
+ #
552
+ # [1]: http://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html
553
+ # @return [Array<String>]
554
+ #
555
+ # @!attribute [rw] relationships
556
+ # A list of related AWS resources.
557
+ # @return [Array<Types::Relationship>]
558
+ #
559
+ # @!attribute [rw] configuration
560
+ # The description of the resource configuration.
561
+ # @return [String]
562
+ #
563
+ # @!attribute [rw] supplementary_configuration
564
+ # Configuration attributes that AWS Config returns for certain
565
+ # resource types to supplement the information returned for the
566
+ # `configuration` parameter.
567
+ # @return [Hash<String,String>]
568
+ class ConfigurationItem < Struct.new(
569
+ :version,
570
+ :account_id,
571
+ :configuration_item_capture_time,
572
+ :configuration_item_status,
573
+ :configuration_state_id,
574
+ :configuration_item_md5_hash,
575
+ :arn,
576
+ :resource_type,
577
+ :resource_id,
578
+ :resource_name,
579
+ :aws_region,
580
+ :availability_zone,
581
+ :resource_creation_time,
582
+ :tags,
583
+ :related_events,
584
+ :relationships,
585
+ :configuration,
586
+ :supplementary_configuration)
587
+ include Aws::Structure
588
+ end
589
+
590
+ # An object that represents the recording of configuration changes of an
591
+ # AWS resource.
592
+ # @note When making an API call, pass ConfigurationRecorder
593
+ # data as a hash:
594
+ #
595
+ # {
596
+ # name: "RecorderName",
597
+ # role_arn: "String",
598
+ # recording_group: {
599
+ # all_supported: false,
600
+ # include_global_resource_types: false,
601
+ # resource_types: ["AWS::EC2::CustomerGateway"], # accepts AWS::EC2::CustomerGateway, AWS::EC2::EIP, AWS::EC2::Host, AWS::EC2::Instance, AWS::EC2::InternetGateway, AWS::EC2::NetworkAcl, AWS::EC2::NetworkInterface, AWS::EC2::RouteTable, AWS::EC2::SecurityGroup, AWS::EC2::Subnet, AWS::CloudTrail::Trail, AWS::EC2::Volume, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::ACM::Certificate, AWS::RDS::DBInstance, AWS::RDS::DBSubnetGroup, AWS::RDS::DBSecurityGroup, AWS::RDS::DBSnapshot, AWS::RDS::EventSubscription, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::S3::Bucket
602
+ # },
603
+ # }
604
+ # @!attribute [rw] name
605
+ # The name of the recorder. By default, AWS Config automatically
606
+ # assigns the name "default" when creating the configuration
607
+ # recorder. You cannot change the assigned name.
608
+ # @return [String]
609
+ #
610
+ # @!attribute [rw] role_arn
611
+ # Amazon Resource Name (ARN) of the IAM role used to describe the AWS
612
+ # resources associated with the account.
613
+ # @return [String]
614
+ #
615
+ # @!attribute [rw] recording_group
616
+ # Specifies the types of AWS resource for which AWS Config records
617
+ # configuration changes.
618
+ # @return [Types::RecordingGroup]
619
+ class ConfigurationRecorder < Struct.new(
620
+ :name,
621
+ :role_arn,
622
+ :recording_group)
623
+ include Aws::Structure
624
+ end
625
+
626
+ # The current status of the configuration recorder.
627
+ # @!attribute [rw] name
628
+ # The name of the configuration recorder.
629
+ # @return [String]
630
+ #
631
+ # @!attribute [rw] last_start_time
632
+ # The time the recorder was last started.
633
+ # @return [Time]
634
+ #
635
+ # @!attribute [rw] last_stop_time
636
+ # The time the recorder was last stopped.
637
+ # @return [Time]
638
+ #
639
+ # @!attribute [rw] recording
640
+ # Specifies whether the recorder is currently recording or not.
641
+ # @return [Boolean]
642
+ #
643
+ # @!attribute [rw] last_status
644
+ # The last (previous) status of the recorder.
645
+ # @return [String]
646
+ #
647
+ # @!attribute [rw] last_error_code
648
+ # The error code indicating that the recording failed.
649
+ # @return [String]
650
+ #
651
+ # @!attribute [rw] last_error_message
652
+ # The message indicating that the recording failed due to an error.
653
+ # @return [String]
654
+ #
655
+ # @!attribute [rw] last_status_change_time
656
+ # The time when the status was last changed.
657
+ # @return [Time]
658
+ class ConfigurationRecorderStatus < Struct.new(
659
+ :name,
660
+ :last_start_time,
661
+ :last_stop_time,
662
+ :recording,
663
+ :last_status,
664
+ :last_error_code,
665
+ :last_error_message,
666
+ :last_status_change_time)
667
+ include Aws::Structure
668
+ end
669
+
670
+ # @note When making an API call, pass DeleteConfigRuleRequest
671
+ # data as a hash:
672
+ #
673
+ # {
674
+ # config_rule_name: "StringWithCharLimit64", # required
675
+ # }
676
+ # @!attribute [rw] config_rule_name
677
+ # The name of the AWS Config rule that you want to delete.
678
+ # @return [String]
679
+ class DeleteConfigRuleRequest < Struct.new(
680
+ :config_rule_name)
681
+ include Aws::Structure
682
+ end
683
+
684
+ # The request object for the `DeleteConfigurationRecorder` action.
685
+ # @note When making an API call, pass DeleteConfigurationRecorderRequest
686
+ # data as a hash:
687
+ #
688
+ # {
689
+ # configuration_recorder_name: "RecorderName", # required
690
+ # }
691
+ # @!attribute [rw] configuration_recorder_name
692
+ # The name of the configuration recorder to be deleted. You can
693
+ # retrieve the name of your configuration recorder by using the
694
+ # `DescribeConfigurationRecorders` action.
695
+ # @return [String]
696
+ class DeleteConfigurationRecorderRequest < Struct.new(
697
+ :configuration_recorder_name)
698
+ include Aws::Structure
699
+ end
700
+
701
+ # The input for the DeleteDeliveryChannel action. The action accepts the
702
+ # following data in JSON format.
703
+ # @note When making an API call, pass DeleteDeliveryChannelRequest
704
+ # data as a hash:
705
+ #
706
+ # {
707
+ # delivery_channel_name: "ChannelName", # required
708
+ # }
709
+ # @!attribute [rw] delivery_channel_name
710
+ # The name of the delivery channel to delete.
711
+ # @return [String]
712
+ class DeleteDeliveryChannelRequest < Struct.new(
713
+ :delivery_channel_name)
714
+ include Aws::Structure
715
+ end
716
+
717
+ # @note When making an API call, pass DeleteEvaluationResultsRequest
718
+ # data as a hash:
719
+ #
720
+ # {
721
+ # config_rule_name: "StringWithCharLimit64", # required
722
+ # }
723
+ # @!attribute [rw] config_rule_name
724
+ # The name of the Config rule for which you want to delete the
725
+ # evaluation results.
726
+ # @return [String]
727
+ class DeleteEvaluationResultsRequest < Struct.new(
728
+ :config_rule_name)
729
+ include Aws::Structure
730
+ end
731
+
732
+ # The output when you delete the evaluation results for the specified
733
+ # Config rule.
734
+ class DeleteEvaluationResultsResponse < Aws::EmptyStructure; end
735
+
736
+ # The input for the DeliverConfigSnapshot action.
737
+ # @note When making an API call, pass DeliverConfigSnapshotRequest
738
+ # data as a hash:
739
+ #
740
+ # {
741
+ # delivery_channel_name: "ChannelName", # required
742
+ # }
743
+ # @!attribute [rw] delivery_channel_name
744
+ # The name of the delivery channel through which the snapshot is
745
+ # delivered.
746
+ # @return [String]
747
+ class DeliverConfigSnapshotRequest < Struct.new(
748
+ :delivery_channel_name)
749
+ include Aws::Structure
750
+ end
751
+
752
+ # The output for the DeliverConfigSnapshot action in JSON format.
753
+ # @!attribute [rw] config_snapshot_id
754
+ # The ID of the snapshot that is being created.
755
+ # @return [String]
756
+ class DeliverConfigSnapshotResponse < Struct.new(
757
+ :config_snapshot_id)
758
+ include Aws::Structure
759
+ end
760
+
761
+ # The channel through which AWS Config delivers notifications and
762
+ # updated configuration states.
763
+ # @note When making an API call, pass DeliveryChannel
764
+ # data as a hash:
765
+ #
766
+ # {
767
+ # name: "ChannelName",
768
+ # s3_bucket_name: "String",
769
+ # s3_key_prefix: "String",
770
+ # sns_topic_arn: "String",
771
+ # config_snapshot_delivery_properties: {
772
+ # delivery_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
773
+ # },
774
+ # }
775
+ # @!attribute [rw] name
776
+ # The name of the delivery channel. By default, AWS Config assigns the
777
+ # name "default" when creating the delivery channel. To change the
778
+ # delivery channel name, you must use the DeleteDeliveryChannel action
779
+ # to delete your current delivery channel, and then you must use the
780
+ # PutDeliveryChannel command to create a delivery channel that has the
781
+ # desired name.
782
+ # @return [String]
783
+ #
784
+ # @!attribute [rw] s3_bucket_name
785
+ # The name of the Amazon S3 bucket to which AWS Config delivers
786
+ # configuration snapshots and configuration history files.
787
+ #
788
+ # If you specify a bucket that belongs to another AWS account, that
789
+ # bucket must have policies that grant access permissions to AWS
790
+ # Config. For more information, see [Permissions for the Amazon S3
791
+ # Bucket][1] in the AWS Config Developer Guide.
792
+ #
793
+ #
794
+ #
795
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html
796
+ # @return [String]
797
+ #
798
+ # @!attribute [rw] s3_key_prefix
799
+ # The prefix for the specified Amazon S3 bucket.
800
+ # @return [String]
801
+ #
802
+ # @!attribute [rw] sns_topic_arn
803
+ # The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS
804
+ # Config sends notifications about configuration changes.
805
+ #
806
+ # If you choose a topic from another account, the topic must have
807
+ # policies that grant access permissions to AWS Config. For more
808
+ # information, see [Permissions for the Amazon SNS Topic][1] in the
809
+ # AWS Config Developer Guide.
810
+ #
811
+ #
812
+ #
813
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html
814
+ # @return [String]
815
+ #
816
+ # @!attribute [rw] config_snapshot_delivery_properties
817
+ # Provides options for how often AWS Config delivers configuration
818
+ # snapshots to the Amazon S3 bucket in your delivery channel.
819
+ #
820
+ # <note markdown="1"> If you want to create a rule that triggers evaluations for your
821
+ # resources when AWS Config delivers the configuration snapshot, see
822
+ # the following:
823
+ #
824
+ # </note>
825
+ #
826
+ # The frequency for a rule that triggers evaluations for your
827
+ # resources when AWS Config delivers the configuration snapshot is set
828
+ # by one of two values, depending on which is less frequent:
829
+ #
830
+ # * The value for the `deliveryFrequency` parameter within the
831
+ # delivery channel configuration, which sets how often AWS Config
832
+ # delivers configuration snapshots. This value also sets how often
833
+ # AWS Config invokes evaluations for Config rules.
834
+ #
835
+ # * The value for the `MaximumExecutionFrequency` parameter, which
836
+ # sets the maximum frequency with which AWS Config invokes
837
+ # evaluations for the rule. For more information, see ConfigRule.
838
+ #
839
+ # If the `deliveryFrequency` value is less frequent than the
840
+ # `MaximumExecutionFrequency` value for a rule, AWS Config invokes the
841
+ # rule only as often as the `deliveryFrequency` value.
842
+ #
843
+ # 1. For example, you want your rule to run evaluations when AWS
844
+ # Config delivers the configuration snapshot.
845
+ #
846
+ # 2. You specify the `MaximumExecutionFrequency` value for
847
+ # `Six_Hours`.
848
+ #
849
+ # 3. You then specify the delivery channel `deliveryFrequency` value
850
+ # for `TwentyFour_Hours`.
851
+ #
852
+ # 4. Because the value for `deliveryFrequency` is less frequent than
853
+ # `MaximumExecutionFrequency`, AWS Config invokes evaluations for
854
+ # the rule every 24 hours.
855
+ #
856
+ # You should set the `MaximumExecutionFrequency` value to be at least
857
+ # as frequent as the `deliveryFrequency` value. You can view the
858
+ # `deliveryFrequency` value by using the `DescribeDeliveryChannnels`
859
+ # action.
860
+ #
861
+ # To update the `deliveryFrequency` with which AWS Config delivers
862
+ # your configuration snapshots, use the `PutDeliveryChannel` action.
863
+ # @return [Types::ConfigSnapshotDeliveryProperties]
864
+ class DeliveryChannel < Struct.new(
865
+ :name,
866
+ :s3_bucket_name,
867
+ :s3_key_prefix,
868
+ :sns_topic_arn,
869
+ :config_snapshot_delivery_properties)
870
+ include Aws::Structure
871
+ end
872
+
873
+ # The status of a specified delivery channel.
874
+ #
875
+ # Valid values: `Success` \| `Failure`
876
+ # @!attribute [rw] name
877
+ # The name of the delivery channel.
878
+ # @return [String]
879
+ #
880
+ # @!attribute [rw] config_snapshot_delivery_info
881
+ # A list containing the status of the delivery of the snapshot to the
882
+ # specified Amazon S3 bucket.
883
+ # @return [Types::ConfigExportDeliveryInfo]
884
+ #
885
+ # @!attribute [rw] config_history_delivery_info
886
+ # A list that contains the status of the delivery of the configuration
887
+ # history to the specified Amazon S3 bucket.
888
+ # @return [Types::ConfigExportDeliveryInfo]
889
+ #
890
+ # @!attribute [rw] config_stream_delivery_info
891
+ # A list containing the status of the delivery of the configuration
892
+ # stream notification to the specified Amazon SNS topic.
893
+ # @return [Types::ConfigStreamDeliveryInfo]
894
+ class DeliveryChannelStatus < Struct.new(
895
+ :name,
896
+ :config_snapshot_delivery_info,
897
+ :config_history_delivery_info,
898
+ :config_stream_delivery_info)
899
+ include Aws::Structure
900
+ end
901
+
902
+ # @note When making an API call, pass DescribeComplianceByConfigRuleRequest
903
+ # data as a hash:
904
+ #
905
+ # {
906
+ # config_rule_names: ["StringWithCharLimit64"],
907
+ # compliance_types: ["COMPLIANT"], # accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
908
+ # next_token: "String",
909
+ # }
910
+ # @!attribute [rw] config_rule_names
911
+ # Specify one or more AWS Config rule names to filter the results by
912
+ # rule.
913
+ # @return [Array<String>]
914
+ #
915
+ # @!attribute [rw] compliance_types
916
+ # Filters the results by compliance.
917
+ #
918
+ # The allowed values are `COMPLIANT`, `NON_COMPLIANT`, and
919
+ # `INSUFFICIENT_DATA`.
920
+ # @return [Array<String>]
921
+ #
922
+ # @!attribute [rw] next_token
923
+ # The `nextToken` string returned on a previous page that you use to
924
+ # get the next page of results in a paginated response.
925
+ # @return [String]
926
+ class DescribeComplianceByConfigRuleRequest < Struct.new(
927
+ :config_rule_names,
928
+ :compliance_types,
929
+ :next_token)
930
+ include Aws::Structure
931
+ end
932
+
933
+ # @!attribute [rw] compliance_by_config_rules
934
+ # Indicates whether each of the specified AWS Config rules is
935
+ # compliant.
936
+ # @return [Array<Types::ComplianceByConfigRule>]
937
+ #
938
+ # @!attribute [rw] next_token
939
+ # The string that you use in a subsequent request to get the next page
940
+ # of results in a paginated response.
941
+ # @return [String]
942
+ class DescribeComplianceByConfigRuleResponse < Struct.new(
943
+ :compliance_by_config_rules,
944
+ :next_token)
945
+ include Aws::Structure
946
+ end
947
+
948
+ # @note When making an API call, pass DescribeComplianceByResourceRequest
949
+ # data as a hash:
950
+ #
951
+ # {
952
+ # resource_type: "StringWithCharLimit256",
953
+ # resource_id: "StringWithCharLimit256",
954
+ # compliance_types: ["COMPLIANT"], # accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
955
+ # limit: 1,
956
+ # next_token: "NextToken",
957
+ # }
958
+ # @!attribute [rw] resource_type
959
+ # The types of AWS resources for which you want compliance
960
+ # information; for example, `AWS::EC2::Instance`. For this action, you
961
+ # can specify that the resource type is an AWS account by specifying
962
+ # `AWS::::Account`.
963
+ # @return [String]
964
+ #
965
+ # @!attribute [rw] resource_id
966
+ # The ID of the AWS resource for which you want compliance
967
+ # information. You can specify only one resource ID. If you specify a
968
+ # resource ID, you must also specify a type for `ResourceType`.
969
+ # @return [String]
970
+ #
971
+ # @!attribute [rw] compliance_types
972
+ # Filters the results by compliance.
973
+ #
974
+ # The allowed values are `COMPLIANT`, `NON_COMPLIANT`, and
975
+ # `INSUFFICIENT_DATA`.
976
+ # @return [Array<String>]
977
+ #
978
+ # @!attribute [rw] limit
979
+ # The maximum number of evaluation results returned on each page. The
980
+ # default is 10. You cannot specify a limit greater than 100. If you
981
+ # specify 0, AWS Config uses the default.
982
+ # @return [Integer]
983
+ #
984
+ # @!attribute [rw] next_token
985
+ # The `nextToken` string returned on a previous page that you use to
986
+ # get the next page of results in a paginated response.
987
+ # @return [String]
988
+ class DescribeComplianceByResourceRequest < Struct.new(
989
+ :resource_type,
990
+ :resource_id,
991
+ :compliance_types,
992
+ :limit,
993
+ :next_token)
994
+ include Aws::Structure
995
+ end
996
+
997
+ # @!attribute [rw] compliance_by_resources
998
+ # Indicates whether the specified AWS resource complies with all of
999
+ # the AWS Config rules that evaluate it.
1000
+ # @return [Array<Types::ComplianceByResource>]
1001
+ #
1002
+ # @!attribute [rw] next_token
1003
+ # The string that you use in a subsequent request to get the next page
1004
+ # of results in a paginated response.
1005
+ # @return [String]
1006
+ class DescribeComplianceByResourceResponse < Struct.new(
1007
+ :compliance_by_resources,
1008
+ :next_token)
1009
+ include Aws::Structure
1010
+ end
1011
+
1012
+ # @note When making an API call, pass DescribeConfigRuleEvaluationStatusRequest
1013
+ # data as a hash:
1014
+ #
1015
+ # {
1016
+ # config_rule_names: ["StringWithCharLimit64"],
1017
+ # }
1018
+ # @!attribute [rw] config_rule_names
1019
+ # The name of the AWS managed Config rules for which you want status
1020
+ # information. If you do not specify any names, AWS Config returns
1021
+ # status information for all AWS managed Config rules that you use.
1022
+ # @return [Array<String>]
1023
+ class DescribeConfigRuleEvaluationStatusRequest < Struct.new(
1024
+ :config_rule_names)
1025
+ include Aws::Structure
1026
+ end
1027
+
1028
+ # @!attribute [rw] config_rules_evaluation_status
1029
+ # Status information about your AWS managed Config rules.
1030
+ # @return [Array<Types::ConfigRuleEvaluationStatus>]
1031
+ class DescribeConfigRuleEvaluationStatusResponse < Struct.new(
1032
+ :config_rules_evaluation_status)
1033
+ include Aws::Structure
1034
+ end
1035
+
1036
+ # @note When making an API call, pass DescribeConfigRulesRequest
1037
+ # data as a hash:
1038
+ #
1039
+ # {
1040
+ # config_rule_names: ["StringWithCharLimit64"],
1041
+ # next_token: "String",
1042
+ # }
1043
+ # @!attribute [rw] config_rule_names
1044
+ # The names of the AWS Config rules for which you want details. If you
1045
+ # do not specify any names, AWS Config returns details for all your
1046
+ # rules.
1047
+ # @return [Array<String>]
1048
+ #
1049
+ # @!attribute [rw] next_token
1050
+ # The `nextToken` string returned on a previous page that you use to
1051
+ # get the next page of results in a paginated response.
1052
+ # @return [String]
1053
+ class DescribeConfigRulesRequest < Struct.new(
1054
+ :config_rule_names,
1055
+ :next_token)
1056
+ include Aws::Structure
1057
+ end
1058
+
1059
+ # @!attribute [rw] config_rules
1060
+ # The details about your AWS Config rules.
1061
+ # @return [Array<Types::ConfigRule>]
1062
+ #
1063
+ # @!attribute [rw] next_token
1064
+ # The string that you use in a subsequent request to get the next page
1065
+ # of results in a paginated response.
1066
+ # @return [String]
1067
+ class DescribeConfigRulesResponse < Struct.new(
1068
+ :config_rules,
1069
+ :next_token)
1070
+ include Aws::Structure
1071
+ end
1072
+
1073
+ # The input for the DescribeConfigurationRecorderStatus action.
1074
+ # @note When making an API call, pass DescribeConfigurationRecorderStatusRequest
1075
+ # data as a hash:
1076
+ #
1077
+ # {
1078
+ # configuration_recorder_names: ["RecorderName"],
1079
+ # }
1080
+ # @!attribute [rw] configuration_recorder_names
1081
+ # The name(s) of the configuration recorder. If the name is not
1082
+ # specified, the action returns the current status of all the
1083
+ # configuration recorders associated with the account.
1084
+ # @return [Array<String>]
1085
+ class DescribeConfigurationRecorderStatusRequest < Struct.new(
1086
+ :configuration_recorder_names)
1087
+ include Aws::Structure
1088
+ end
1089
+
1090
+ # The output for the DescribeConfigurationRecorderStatus action in JSON
1091
+ # format.
1092
+ # @!attribute [rw] configuration_recorders_status
1093
+ # A list that contains status of the specified recorders.
1094
+ # @return [Array<Types::ConfigurationRecorderStatus>]
1095
+ class DescribeConfigurationRecorderStatusResponse < Struct.new(
1096
+ :configuration_recorders_status)
1097
+ include Aws::Structure
1098
+ end
1099
+
1100
+ # The input for the DescribeConfigurationRecorders action.
1101
+ # @note When making an API call, pass DescribeConfigurationRecordersRequest
1102
+ # data as a hash:
1103
+ #
1104
+ # {
1105
+ # configuration_recorder_names: ["RecorderName"],
1106
+ # }
1107
+ # @!attribute [rw] configuration_recorder_names
1108
+ # A list of configuration recorder names.
1109
+ # @return [Array<String>]
1110
+ class DescribeConfigurationRecordersRequest < Struct.new(
1111
+ :configuration_recorder_names)
1112
+ include Aws::Structure
1113
+ end
1114
+
1115
+ # The output for the DescribeConfigurationRecorders action.
1116
+ # @!attribute [rw] configuration_recorders
1117
+ # A list that contains the descriptions of the specified configuration
1118
+ # recorders.
1119
+ # @return [Array<Types::ConfigurationRecorder>]
1120
+ class DescribeConfigurationRecordersResponse < Struct.new(
1121
+ :configuration_recorders)
1122
+ include Aws::Structure
1123
+ end
1124
+
1125
+ # The input for the DeliveryChannelStatus action.
1126
+ # @note When making an API call, pass DescribeDeliveryChannelStatusRequest
1127
+ # data as a hash:
1128
+ #
1129
+ # {
1130
+ # delivery_channel_names: ["ChannelName"],
1131
+ # }
1132
+ # @!attribute [rw] delivery_channel_names
1133
+ # A list of delivery channel names.
1134
+ # @return [Array<String>]
1135
+ class DescribeDeliveryChannelStatusRequest < Struct.new(
1136
+ :delivery_channel_names)
1137
+ include Aws::Structure
1138
+ end
1139
+
1140
+ # The output for the DescribeDeliveryChannelStatus action.
1141
+ # @!attribute [rw] delivery_channels_status
1142
+ # A list that contains the status of a specified delivery channel.
1143
+ # @return [Array<Types::DeliveryChannelStatus>]
1144
+ class DescribeDeliveryChannelStatusResponse < Struct.new(
1145
+ :delivery_channels_status)
1146
+ include Aws::Structure
1147
+ end
1148
+
1149
+ # The input for the DescribeDeliveryChannels action.
1150
+ # @note When making an API call, pass DescribeDeliveryChannelsRequest
1151
+ # data as a hash:
1152
+ #
1153
+ # {
1154
+ # delivery_channel_names: ["ChannelName"],
1155
+ # }
1156
+ # @!attribute [rw] delivery_channel_names
1157
+ # A list of delivery channel names.
1158
+ # @return [Array<String>]
1159
+ class DescribeDeliveryChannelsRequest < Struct.new(
1160
+ :delivery_channel_names)
1161
+ include Aws::Structure
1162
+ end
1163
+
1164
+ # The output for the DescribeDeliveryChannels action.
1165
+ # @!attribute [rw] delivery_channels
1166
+ # A list that contains the descriptions of the specified delivery
1167
+ # channel.
1168
+ # @return [Array<Types::DeliveryChannel>]
1169
+ class DescribeDeliveryChannelsResponse < Struct.new(
1170
+ :delivery_channels)
1171
+ include Aws::Structure
1172
+ end
1173
+
1174
+ # Identifies an AWS resource and indicates whether it complies with the
1175
+ # AWS Config rule that it was evaluated against.
1176
+ # @note When making an API call, pass Evaluation
1177
+ # data as a hash:
1178
+ #
1179
+ # {
1180
+ # compliance_resource_type: "StringWithCharLimit256", # required
1181
+ # compliance_resource_id: "StringWithCharLimit256", # required
1182
+ # compliance_type: "COMPLIANT", # required, accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
1183
+ # annotation: "StringWithCharLimit256",
1184
+ # ordering_timestamp: Time.now, # required
1185
+ # }
1186
+ # @!attribute [rw] compliance_resource_type
1187
+ # The type of AWS resource that was evaluated.
1188
+ # @return [String]
1189
+ #
1190
+ # @!attribute [rw] compliance_resource_id
1191
+ # The ID of the AWS resource that was evaluated.
1192
+ # @return [String]
1193
+ #
1194
+ # @!attribute [rw] compliance_type
1195
+ # Indicates whether the AWS resource complies with the AWS Config rule
1196
+ # that it was evaluated against.
1197
+ #
1198
+ # For the `Evaluation` data type, AWS Config supports only the
1199
+ # `COMPLIANT`, `NON_COMPLIANT`, and `NOT_APPLICABLE` values. AWS
1200
+ # Config does not support the `INSUFFICIENT_DATA` value for this data
1201
+ # type.
1202
+ #
1203
+ # Similarly, AWS Config does not accept `INSUFFICIENT_DATA` as the
1204
+ # value for `ComplianceType` from a `PutEvaluations` request. For
1205
+ # example, an AWS Lambda function for a custom Config rule cannot pass
1206
+ # an `INSUFFICIENT_DATA` value to AWS Config.
1207
+ # @return [String]
1208
+ #
1209
+ # @!attribute [rw] annotation
1210
+ # Supplementary information about how the evaluation determined the
1211
+ # compliance.
1212
+ # @return [String]
1213
+ #
1214
+ # @!attribute [rw] ordering_timestamp
1215
+ # The time of the event in AWS Config that triggered the evaluation.
1216
+ # For event-based evaluations, the time indicates when AWS Config
1217
+ # created the configuration item that triggered the evaluation. For
1218
+ # periodic evaluations, the time indicates when AWS Config delivered
1219
+ # the configuration snapshot that triggered the evaluation.
1220
+ # @return [Time]
1221
+ class Evaluation < Struct.new(
1222
+ :compliance_resource_type,
1223
+ :compliance_resource_id,
1224
+ :compliance_type,
1225
+ :annotation,
1226
+ :ordering_timestamp)
1227
+ include Aws::Structure
1228
+ end
1229
+
1230
+ # The details of an AWS Config evaluation. Provides the AWS resource
1231
+ # that was evaluated, the compliance of the resource, related
1232
+ # timestamps, and supplementary information.
1233
+ # @!attribute [rw] evaluation_result_identifier
1234
+ # Uniquely identifies the evaluation result.
1235
+ # @return [Types::EvaluationResultIdentifier]
1236
+ #
1237
+ # @!attribute [rw] compliance_type
1238
+ # Indicates whether the AWS resource complies with the AWS Config rule
1239
+ # that evaluated it.
1240
+ #
1241
+ # For the `EvaluationResult` data type, AWS Config supports only the
1242
+ # `COMPLIANT`, `NON_COMPLIANT`, and `NOT_APPLICABLE` values. AWS
1243
+ # Config does not support the `INSUFFICIENT_DATA` value for the
1244
+ # `EvaluationResult` data type.
1245
+ # @return [String]
1246
+ #
1247
+ # @!attribute [rw] result_recorded_time
1248
+ # The time when AWS Config recorded the evaluation result.
1249
+ # @return [Time]
1250
+ #
1251
+ # @!attribute [rw] config_rule_invoked_time
1252
+ # The time when the AWS Config rule evaluated the AWS resource.
1253
+ # @return [Time]
1254
+ #
1255
+ # @!attribute [rw] annotation
1256
+ # Supplementary information about how the evaluation determined the
1257
+ # compliance.
1258
+ # @return [String]
1259
+ #
1260
+ # @!attribute [rw] result_token
1261
+ # An encrypted token that associates an evaluation with an AWS Config
1262
+ # rule. The token identifies the rule, the AWS resource being
1263
+ # evaluated, and the event that triggered the evaluation.
1264
+ # @return [String]
1265
+ class EvaluationResult < Struct.new(
1266
+ :evaluation_result_identifier,
1267
+ :compliance_type,
1268
+ :result_recorded_time,
1269
+ :config_rule_invoked_time,
1270
+ :annotation,
1271
+ :result_token)
1272
+ include Aws::Structure
1273
+ end
1274
+
1275
+ # Uniquely identifies an evaluation result.
1276
+ # @!attribute [rw] evaluation_result_qualifier
1277
+ # Identifies an AWS Config rule used to evaluate an AWS resource, and
1278
+ # provides the type and ID of the evaluated resource.
1279
+ # @return [Types::EvaluationResultQualifier]
1280
+ #
1281
+ # @!attribute [rw] ordering_timestamp
1282
+ # The time of the event that triggered the evaluation of your AWS
1283
+ # resources. The time can indicate when AWS Config delivered a
1284
+ # configuration item change notification, or it can indicate when AWS
1285
+ # Config delivered the configuration snapshot, depending on which
1286
+ # event triggered the evaluation.
1287
+ # @return [Time]
1288
+ class EvaluationResultIdentifier < Struct.new(
1289
+ :evaluation_result_qualifier,
1290
+ :ordering_timestamp)
1291
+ include Aws::Structure
1292
+ end
1293
+
1294
+ # Identifies an AWS Config rule that evaluated an AWS resource, and
1295
+ # provides the type and ID of the resource that the rule evaluated.
1296
+ # @!attribute [rw] config_rule_name
1297
+ # The name of the AWS Config rule that was used in the evaluation.
1298
+ # @return [String]
1299
+ #
1300
+ # @!attribute [rw] resource_type
1301
+ # The type of AWS resource that was evaluated.
1302
+ # @return [String]
1303
+ #
1304
+ # @!attribute [rw] resource_id
1305
+ # The ID of the evaluated AWS resource.
1306
+ # @return [String]
1307
+ class EvaluationResultQualifier < Struct.new(
1308
+ :config_rule_name,
1309
+ :resource_type,
1310
+ :resource_id)
1311
+ include Aws::Structure
1312
+ end
1313
+
1314
+ # @note When making an API call, pass GetComplianceDetailsByConfigRuleRequest
1315
+ # data as a hash:
1316
+ #
1317
+ # {
1318
+ # config_rule_name: "StringWithCharLimit64", # required
1319
+ # compliance_types: ["COMPLIANT"], # accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
1320
+ # limit: 1,
1321
+ # next_token: "NextToken",
1322
+ # }
1323
+ # @!attribute [rw] config_rule_name
1324
+ # The name of the AWS Config rule for which you want compliance
1325
+ # information.
1326
+ # @return [String]
1327
+ #
1328
+ # @!attribute [rw] compliance_types
1329
+ # Filters the results by compliance.
1330
+ #
1331
+ # The allowed values are `COMPLIANT`, `NON_COMPLIANT`, and
1332
+ # `NOT_APPLICABLE`.
1333
+ # @return [Array<String>]
1334
+ #
1335
+ # @!attribute [rw] limit
1336
+ # The maximum number of evaluation results returned on each page. The
1337
+ # default is 10. You cannot specify a limit greater than 100. If you
1338
+ # specify 0, AWS Config uses the default.
1339
+ # @return [Integer]
1340
+ #
1341
+ # @!attribute [rw] next_token
1342
+ # The `nextToken` string returned on a previous page that you use to
1343
+ # get the next page of results in a paginated response.
1344
+ # @return [String]
1345
+ class GetComplianceDetailsByConfigRuleRequest < Struct.new(
1346
+ :config_rule_name,
1347
+ :compliance_types,
1348
+ :limit,
1349
+ :next_token)
1350
+ include Aws::Structure
1351
+ end
1352
+
1353
+ # @!attribute [rw] evaluation_results
1354
+ # Indicates whether the AWS resource complies with the specified AWS
1355
+ # Config rule.
1356
+ # @return [Array<Types::EvaluationResult>]
1357
+ #
1358
+ # @!attribute [rw] next_token
1359
+ # The string that you use in a subsequent request to get the next page
1360
+ # of results in a paginated response.
1361
+ # @return [String]
1362
+ class GetComplianceDetailsByConfigRuleResponse < Struct.new(
1363
+ :evaluation_results,
1364
+ :next_token)
1365
+ include Aws::Structure
1366
+ end
1367
+
1368
+ # @note When making an API call, pass GetComplianceDetailsByResourceRequest
1369
+ # data as a hash:
1370
+ #
1371
+ # {
1372
+ # resource_type: "StringWithCharLimit256", # required
1373
+ # resource_id: "StringWithCharLimit256", # required
1374
+ # compliance_types: ["COMPLIANT"], # accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
1375
+ # next_token: "String",
1376
+ # }
1377
+ # @!attribute [rw] resource_type
1378
+ # The type of the AWS resource for which you want compliance
1379
+ # information.
1380
+ # @return [String]
1381
+ #
1382
+ # @!attribute [rw] resource_id
1383
+ # The ID of the AWS resource for which you want compliance
1384
+ # information.
1385
+ # @return [String]
1386
+ #
1387
+ # @!attribute [rw] compliance_types
1388
+ # Filters the results by compliance.
1389
+ #
1390
+ # The allowed values are `COMPLIANT`, `NON_COMPLIANT`, and
1391
+ # `NOT_APPLICABLE`.
1392
+ # @return [Array<String>]
1393
+ #
1394
+ # @!attribute [rw] next_token
1395
+ # The `nextToken` string returned on a previous page that you use to
1396
+ # get the next page of results in a paginated response.
1397
+ # @return [String]
1398
+ class GetComplianceDetailsByResourceRequest < Struct.new(
1399
+ :resource_type,
1400
+ :resource_id,
1401
+ :compliance_types,
1402
+ :next_token)
1403
+ include Aws::Structure
1404
+ end
1405
+
1406
+ # @!attribute [rw] evaluation_results
1407
+ # Indicates whether the specified AWS resource complies each AWS
1408
+ # Config rule.
1409
+ # @return [Array<Types::EvaluationResult>]
1410
+ #
1411
+ # @!attribute [rw] next_token
1412
+ # The string that you use in a subsequent request to get the next page
1413
+ # of results in a paginated response.
1414
+ # @return [String]
1415
+ class GetComplianceDetailsByResourceResponse < Struct.new(
1416
+ :evaluation_results,
1417
+ :next_token)
1418
+ include Aws::Structure
1419
+ end
1420
+
1421
+ # @!attribute [rw] compliance_summary
1422
+ # The number of AWS Config rules that are compliant and the number
1423
+ # that are noncompliant, up to a maximum of 25 for each.
1424
+ # @return [Types::ComplianceSummary]
1425
+ class GetComplianceSummaryByConfigRuleResponse < Struct.new(
1426
+ :compliance_summary)
1427
+ include Aws::Structure
1428
+ end
1429
+
1430
+ # @note When making an API call, pass GetComplianceSummaryByResourceTypeRequest
1431
+ # data as a hash:
1432
+ #
1433
+ # {
1434
+ # resource_types: ["StringWithCharLimit256"],
1435
+ # }
1436
+ # @!attribute [rw] resource_types
1437
+ # Specify one or more resource types to get the number of resources
1438
+ # that are compliant and the number that are noncompliant for each
1439
+ # resource type.
1440
+ #
1441
+ # For this request, you can specify an AWS resource type such as
1442
+ # `AWS::EC2::Instance`, and you can specify that the resource type is
1443
+ # an AWS account by specifying `AWS::::Account`.
1444
+ # @return [Array<String>]
1445
+ class GetComplianceSummaryByResourceTypeRequest < Struct.new(
1446
+ :resource_types)
1447
+ include Aws::Structure
1448
+ end
1449
+
1450
+ # @!attribute [rw] compliance_summaries_by_resource_type
1451
+ # The number of resources that are compliant and the number that are
1452
+ # noncompliant. If one or more resource types were provided with the
1453
+ # request, the numbers are returned for each resource type. The
1454
+ # maximum number returned is 100.
1455
+ # @return [Array<Types::ComplianceSummaryByResourceType>]
1456
+ class GetComplianceSummaryByResourceTypeResponse < Struct.new(
1457
+ :compliance_summaries_by_resource_type)
1458
+ include Aws::Structure
1459
+ end
1460
+
1461
+ # The input for the GetResourceConfigHistory action.
1462
+ # @note When making an API call, pass GetResourceConfigHistoryRequest
1463
+ # data as a hash:
1464
+ #
1465
+ # {
1466
+ # resource_type: "AWS::EC2::CustomerGateway", # required, accepts AWS::EC2::CustomerGateway, AWS::EC2::EIP, AWS::EC2::Host, AWS::EC2::Instance, AWS::EC2::InternetGateway, AWS::EC2::NetworkAcl, AWS::EC2::NetworkInterface, AWS::EC2::RouteTable, AWS::EC2::SecurityGroup, AWS::EC2::Subnet, AWS::CloudTrail::Trail, AWS::EC2::Volume, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::ACM::Certificate, AWS::RDS::DBInstance, AWS::RDS::DBSubnetGroup, AWS::RDS::DBSecurityGroup, AWS::RDS::DBSnapshot, AWS::RDS::EventSubscription, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::S3::Bucket
1467
+ # resource_id: "ResourceId", # required
1468
+ # later_time: Time.now,
1469
+ # earlier_time: Time.now,
1470
+ # chronological_order: "Reverse", # accepts Reverse, Forward
1471
+ # limit: 1,
1472
+ # next_token: "NextToken",
1473
+ # }
1474
+ # @!attribute [rw] resource_type
1475
+ # The resource type.
1476
+ # @return [String]
1477
+ #
1478
+ # @!attribute [rw] resource_id
1479
+ # The ID of the resource (for example., `sg-xxxxxx`).
1480
+ # @return [String]
1481
+ #
1482
+ # @!attribute [rw] later_time
1483
+ # The time stamp that indicates a later time. If not specified,
1484
+ # current time is taken.
1485
+ # @return [Time]
1486
+ #
1487
+ # @!attribute [rw] earlier_time
1488
+ # The time stamp that indicates an earlier time. If not specified, the
1489
+ # action returns paginated results that contain configuration items
1490
+ # that start from when the first configuration item was recorded.
1491
+ # @return [Time]
1492
+ #
1493
+ # @!attribute [rw] chronological_order
1494
+ # The chronological order for configuration items listed. By default
1495
+ # the results are listed in reverse chronological order.
1496
+ # @return [String]
1497
+ #
1498
+ # @!attribute [rw] limit
1499
+ # The maximum number of configuration items returned on each page. The
1500
+ # default is 10. You cannot specify a limit greater than 100. If you
1501
+ # specify 0, AWS Config uses the default.
1502
+ # @return [Integer]
1503
+ #
1504
+ # @!attribute [rw] next_token
1505
+ # The `nextToken` string returned on a previous page that you use to
1506
+ # get the next page of results in a paginated response.
1507
+ # @return [String]
1508
+ class GetResourceConfigHistoryRequest < Struct.new(
1509
+ :resource_type,
1510
+ :resource_id,
1511
+ :later_time,
1512
+ :earlier_time,
1513
+ :chronological_order,
1514
+ :limit,
1515
+ :next_token)
1516
+ include Aws::Structure
1517
+ end
1518
+
1519
+ # The output for the GetResourceConfigHistory action.
1520
+ # @!attribute [rw] configuration_items
1521
+ # A list that contains the configuration history of one or more
1522
+ # resources.
1523
+ # @return [Array<Types::ConfigurationItem>]
1524
+ #
1525
+ # @!attribute [rw] next_token
1526
+ # The string that you use in a subsequent request to get the next page
1527
+ # of results in a paginated response.
1528
+ # @return [String]
1529
+ class GetResourceConfigHistoryResponse < Struct.new(
1530
+ :configuration_items,
1531
+ :next_token)
1532
+ include Aws::Structure
1533
+ end
1534
+
1535
+ # @note When making an API call, pass ListDiscoveredResourcesRequest
1536
+ # data as a hash:
1537
+ #
1538
+ # {
1539
+ # resource_type: "AWS::EC2::CustomerGateway", # required, accepts AWS::EC2::CustomerGateway, AWS::EC2::EIP, AWS::EC2::Host, AWS::EC2::Instance, AWS::EC2::InternetGateway, AWS::EC2::NetworkAcl, AWS::EC2::NetworkInterface, AWS::EC2::RouteTable, AWS::EC2::SecurityGroup, AWS::EC2::Subnet, AWS::CloudTrail::Trail, AWS::EC2::Volume, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::ACM::Certificate, AWS::RDS::DBInstance, AWS::RDS::DBSubnetGroup, AWS::RDS::DBSecurityGroup, AWS::RDS::DBSnapshot, AWS::RDS::EventSubscription, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::S3::Bucket
1540
+ # resource_ids: ["ResourceId"],
1541
+ # resource_name: "ResourceName",
1542
+ # limit: 1,
1543
+ # include_deleted_resources: false,
1544
+ # next_token: "NextToken",
1545
+ # }
1546
+ # @!attribute [rw] resource_type
1547
+ # The type of resources that you want AWS Config to list in the
1548
+ # response.
1549
+ # @return [String]
1550
+ #
1551
+ # @!attribute [rw] resource_ids
1552
+ # The IDs of only those resources that you want AWS Config to list in
1553
+ # the response. If you do not specify this parameter, AWS Config lists
1554
+ # all resources of the specified type that it has discovered.
1555
+ # @return [Array<String>]
1556
+ #
1557
+ # @!attribute [rw] resource_name
1558
+ # The custom name of only those resources that you want AWS Config to
1559
+ # list in the response. If you do not specify this parameter, AWS
1560
+ # Config lists all resources of the specified type that it has
1561
+ # discovered.
1562
+ # @return [String]
1563
+ #
1564
+ # @!attribute [rw] limit
1565
+ # The maximum number of resource identifiers returned on each page.
1566
+ # The default is 100. You cannot specify a limit greater than 100. If
1567
+ # you specify 0, AWS Config uses the default.
1568
+ # @return [Integer]
1569
+ #
1570
+ # @!attribute [rw] include_deleted_resources
1571
+ # Specifies whether AWS Config includes deleted resources in the
1572
+ # results. By default, deleted resources are not included.
1573
+ # @return [Boolean]
1574
+ #
1575
+ # @!attribute [rw] next_token
1576
+ # The `nextToken` string returned on a previous page that you use to
1577
+ # get the next page of results in a paginated response.
1578
+ # @return [String]
1579
+ class ListDiscoveredResourcesRequest < Struct.new(
1580
+ :resource_type,
1581
+ :resource_ids,
1582
+ :resource_name,
1583
+ :limit,
1584
+ :include_deleted_resources,
1585
+ :next_token)
1586
+ include Aws::Structure
1587
+ end
1588
+
1589
+ # @!attribute [rw] resource_identifiers
1590
+ # The details that identify a resource that is discovered by AWS
1591
+ # Config, including the resource type, ID, and (if available) the
1592
+ # custom resource name.
1593
+ # @return [Array<Types::ResourceIdentifier>]
1594
+ #
1595
+ # @!attribute [rw] next_token
1596
+ # The string that you use in a subsequent request to get the next page
1597
+ # of results in a paginated response.
1598
+ # @return [String]
1599
+ class ListDiscoveredResourcesResponse < Struct.new(
1600
+ :resource_identifiers,
1601
+ :next_token)
1602
+ include Aws::Structure
1603
+ end
1604
+
1605
+ # @note When making an API call, pass PutConfigRuleRequest
1606
+ # data as a hash:
1607
+ #
1608
+ # {
1609
+ # config_rule: { # required
1610
+ # config_rule_name: "StringWithCharLimit64",
1611
+ # config_rule_arn: "String",
1612
+ # config_rule_id: "String",
1613
+ # description: "EmptiableStringWithCharLimit256",
1614
+ # scope: {
1615
+ # compliance_resource_types: ["StringWithCharLimit256"],
1616
+ # tag_key: "StringWithCharLimit128",
1617
+ # tag_value: "StringWithCharLimit256",
1618
+ # compliance_resource_id: "StringWithCharLimit256",
1619
+ # },
1620
+ # source: { # required
1621
+ # owner: "CUSTOM_LAMBDA", # accepts CUSTOM_LAMBDA, AWS
1622
+ # source_identifier: "StringWithCharLimit256",
1623
+ # source_details: [
1624
+ # {
1625
+ # event_source: "aws.config", # accepts aws.config
1626
+ # message_type: "ConfigurationItemChangeNotification", # accepts ConfigurationItemChangeNotification, ConfigurationSnapshotDeliveryCompleted, ScheduledNotification
1627
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
1628
+ # },
1629
+ # ],
1630
+ # },
1631
+ # input_parameters: "StringWithCharLimit256",
1632
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
1633
+ # config_rule_state: "ACTIVE", # accepts ACTIVE, DELETING, DELETING_RESULTS, EVALUATING
1634
+ # },
1635
+ # }
1636
+ # @!attribute [rw] config_rule
1637
+ # An AWS Config rule represents an AWS Lambda function that you create
1638
+ # for a custom rule or a predefined function for an AWS managed rule.
1639
+ # The function evaluates configuration items to assess whether your
1640
+ # AWS resources comply with your desired configurations. This function
1641
+ # can run when AWS Config detects a configuration change to an AWS
1642
+ # resource and at a periodic frequency that you choose (for example,
1643
+ # every 24 hours).
1644
+ #
1645
+ # <note markdown="1"> You can use the AWS CLI and AWS SDKs if you want to create a rule
1646
+ # that triggers evaluations for your resources when AWS Config
1647
+ # delivers the configuration snapshot. For more information, see
1648
+ # ConfigSnapshotDeliveryProperties.
1649
+ #
1650
+ # </note>
1651
+ #
1652
+ # For more information about developing and using AWS Config rules,
1653
+ # see [Evaluating AWS Resource Configurations with AWS Config][1] in
1654
+ # the *AWS Config Developer Guide*.
1655
+ #
1656
+ #
1657
+ #
1658
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html
1659
+ # @return [Types::ConfigRule]
1660
+ class PutConfigRuleRequest < Struct.new(
1661
+ :config_rule)
1662
+ include Aws::Structure
1663
+ end
1664
+
1665
+ # The input for the PutConfigurationRecorder action.
1666
+ # @note When making an API call, pass PutConfigurationRecorderRequest
1667
+ # data as a hash:
1668
+ #
1669
+ # {
1670
+ # configuration_recorder: { # required
1671
+ # name: "RecorderName",
1672
+ # role_arn: "String",
1673
+ # recording_group: {
1674
+ # all_supported: false,
1675
+ # include_global_resource_types: false,
1676
+ # resource_types: ["AWS::EC2::CustomerGateway"], # accepts AWS::EC2::CustomerGateway, AWS::EC2::EIP, AWS::EC2::Host, AWS::EC2::Instance, AWS::EC2::InternetGateway, AWS::EC2::NetworkAcl, AWS::EC2::NetworkInterface, AWS::EC2::RouteTable, AWS::EC2::SecurityGroup, AWS::EC2::Subnet, AWS::CloudTrail::Trail, AWS::EC2::Volume, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::ACM::Certificate, AWS::RDS::DBInstance, AWS::RDS::DBSubnetGroup, AWS::RDS::DBSecurityGroup, AWS::RDS::DBSnapshot, AWS::RDS::EventSubscription, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::S3::Bucket
1677
+ # },
1678
+ # },
1679
+ # }
1680
+ # @!attribute [rw] configuration_recorder
1681
+ # The configuration recorder object that records each configuration
1682
+ # change made to the resources.
1683
+ # @return [Types::ConfigurationRecorder]
1684
+ class PutConfigurationRecorderRequest < Struct.new(
1685
+ :configuration_recorder)
1686
+ include Aws::Structure
1687
+ end
1688
+
1689
+ # The input for the PutDeliveryChannel action.
1690
+ # @note When making an API call, pass PutDeliveryChannelRequest
1691
+ # data as a hash:
1692
+ #
1693
+ # {
1694
+ # delivery_channel: { # required
1695
+ # name: "ChannelName",
1696
+ # s3_bucket_name: "String",
1697
+ # s3_key_prefix: "String",
1698
+ # sns_topic_arn: "String",
1699
+ # config_snapshot_delivery_properties: {
1700
+ # delivery_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
1701
+ # },
1702
+ # },
1703
+ # }
1704
+ # @!attribute [rw] delivery_channel
1705
+ # The configuration delivery channel object that delivers the
1706
+ # configuration information to an Amazon S3 bucket, and to an Amazon
1707
+ # SNS topic.
1708
+ # @return [Types::DeliveryChannel]
1709
+ class PutDeliveryChannelRequest < Struct.new(
1710
+ :delivery_channel)
1711
+ include Aws::Structure
1712
+ end
1713
+
1714
+ # @note When making an API call, pass PutEvaluationsRequest
1715
+ # data as a hash:
1716
+ #
1717
+ # {
1718
+ # evaluations: [
1719
+ # {
1720
+ # compliance_resource_type: "StringWithCharLimit256", # required
1721
+ # compliance_resource_id: "StringWithCharLimit256", # required
1722
+ # compliance_type: "COMPLIANT", # required, accepts COMPLIANT, NON_COMPLIANT, NOT_APPLICABLE, INSUFFICIENT_DATA
1723
+ # annotation: "StringWithCharLimit256",
1724
+ # ordering_timestamp: Time.now, # required
1725
+ # },
1726
+ # ],
1727
+ # result_token: "String", # required
1728
+ # }
1729
+ # @!attribute [rw] evaluations
1730
+ # The assessments that the AWS Lambda function performs. Each
1731
+ # evaluation identifies an AWS resource and indicates whether it
1732
+ # complies with the AWS Config rule that invokes the AWS Lambda
1733
+ # function.
1734
+ # @return [Array<Types::Evaluation>]
1735
+ #
1736
+ # @!attribute [rw] result_token
1737
+ # An encrypted token that associates an evaluation with an AWS Config
1738
+ # rule. Identifies the rule and the event that triggered the
1739
+ # evaluation
1740
+ # @return [String]
1741
+ class PutEvaluationsRequest < Struct.new(
1742
+ :evaluations,
1743
+ :result_token)
1744
+ include Aws::Structure
1745
+ end
1746
+
1747
+ # @!attribute [rw] failed_evaluations
1748
+ # Requests that failed because of a client or server error.
1749
+ # @return [Array<Types::Evaluation>]
1750
+ class PutEvaluationsResponse < Struct.new(
1751
+ :failed_evaluations)
1752
+ include Aws::Structure
1753
+ end
1754
+
1755
+ # Specifies the types of AWS resource for which AWS Config records
1756
+ # configuration changes.
1757
+ #
1758
+ # In the recording group, you specify whether all supported types or
1759
+ # specific types of resources are recorded.
1760
+ #
1761
+ # By default, AWS Config records configuration changes for all supported
1762
+ # types of regional resources that AWS Config discovers in the region in
1763
+ # which it is running. Regional resources are tied to a region and can
1764
+ # be used only in that region. Examples of regional resources are EC2
1765
+ # instances and EBS volumes.
1766
+ #
1767
+ # You can also have AWS Config record configuration changes for
1768
+ # supported types of global resources (for example, IAM resources).
1769
+ # Global resources are not tied to an individual region and can be used
1770
+ # in all regions.
1771
+ #
1772
+ # The configuration details for any global resource are the same in all
1773
+ # regions. If you customize AWS Config in multiple regions to record
1774
+ # global resources, it will create multiple configuration items each
1775
+ # time a global resource changes: one configuration item for each
1776
+ # region. These configuration items will contain identical data. To
1777
+ # prevent duplicate configuration items, you should consider customizing
1778
+ # AWS Config in only one region to record global resources, unless you
1779
+ # want the configuration items to be available in multiple regions.
1780
+ #
1781
+ # If you don't want AWS Config to record all resources, you can specify
1782
+ # which types of resources it will record with the `resourceTypes`
1783
+ # parameter.
1784
+ #
1785
+ # For a list of supported resource types, see [Supported resource
1786
+ # types][1].
1787
+ #
1788
+ # For more information, see [Selecting Which Resources AWS Config
1789
+ # Records][2].
1790
+ #
1791
+ #
1792
+ #
1793
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources
1794
+ # [2]: http://docs.aws.amazon.com/config/latest/developerguide/select-resources.html
1795
+ # @note When making an API call, pass RecordingGroup
1796
+ # data as a hash:
1797
+ #
1798
+ # {
1799
+ # all_supported: false,
1800
+ # include_global_resource_types: false,
1801
+ # resource_types: ["AWS::EC2::CustomerGateway"], # accepts AWS::EC2::CustomerGateway, AWS::EC2::EIP, AWS::EC2::Host, AWS::EC2::Instance, AWS::EC2::InternetGateway, AWS::EC2::NetworkAcl, AWS::EC2::NetworkInterface, AWS::EC2::RouteTable, AWS::EC2::SecurityGroup, AWS::EC2::Subnet, AWS::CloudTrail::Trail, AWS::EC2::Volume, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::IAM::Group, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::ACM::Certificate, AWS::RDS::DBInstance, AWS::RDS::DBSubnetGroup, AWS::RDS::DBSecurityGroup, AWS::RDS::DBSnapshot, AWS::RDS::EventSubscription, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::S3::Bucket
1802
+ # }
1803
+ # @!attribute [rw] all_supported
1804
+ # Specifies whether AWS Config records configuration changes for every
1805
+ # supported type of regional resource.
1806
+ #
1807
+ # If you set this option to `true`, when AWS Config adds support for a
1808
+ # new type of regional resource, it automatically starts recording
1809
+ # resources of that type.
1810
+ #
1811
+ # If you set this option to `true`, you cannot enumerate a list of
1812
+ # `resourceTypes`.
1813
+ # @return [Boolean]
1814
+ #
1815
+ # @!attribute [rw] include_global_resource_types
1816
+ # Specifies whether AWS Config includes all supported types of global
1817
+ # resources (for example, IAM resources) with the resources that it
1818
+ # records.
1819
+ #
1820
+ # Before you can set this option to `true`, you must set the
1821
+ # `allSupported` option to `true`.
1822
+ #
1823
+ # If you set this option to `true`, when AWS Config adds support for a
1824
+ # new type of global resource, it automatically starts recording
1825
+ # resources of that type.
1826
+ #
1827
+ # The configuration details for any global resource are the same in
1828
+ # all regions. To prevent duplicate configuration items, you should
1829
+ # consider customizing AWS Config in only one region to record global
1830
+ # resources.
1831
+ # @return [Boolean]
1832
+ #
1833
+ # @!attribute [rw] resource_types
1834
+ # A comma-separated list that specifies the types of AWS resources for
1835
+ # which AWS Config records configuration changes (for example,
1836
+ # `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`).
1837
+ #
1838
+ # Before you can set this option to `true`, you must set the
1839
+ # `allSupported` option to `false`.
1840
+ #
1841
+ # If you set this option to `true`, when AWS Config adds support for a
1842
+ # new type of resource, it will not record resources of that type
1843
+ # unless you manually add that type to your recording group.
1844
+ #
1845
+ # For a list of valid `resourceTypes` values, see the **resourceType
1846
+ # Value** column in [Supported AWS Resource Types][1].
1847
+ #
1848
+ #
1849
+ #
1850
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources
1851
+ # @return [Array<String>]
1852
+ class RecordingGroup < Struct.new(
1853
+ :all_supported,
1854
+ :include_global_resource_types,
1855
+ :resource_types)
1856
+ include Aws::Structure
1857
+ end
1858
+
1859
+ # The relationship of the related resource to the main resource.
1860
+ # @!attribute [rw] resource_type
1861
+ # The resource type of the related resource.
1862
+ # @return [String]
1863
+ #
1864
+ # @!attribute [rw] resource_id
1865
+ # The ID of the related resource (for example, `sg-xxxxxx`).
1866
+ # @return [String]
1867
+ #
1868
+ # @!attribute [rw] resource_name
1869
+ # The custom name of the related resource, if available.
1870
+ # @return [String]
1871
+ #
1872
+ # @!attribute [rw] relationship_name
1873
+ # The type of relationship with the related resource.
1874
+ # @return [String]
1875
+ class Relationship < Struct.new(
1876
+ :resource_type,
1877
+ :resource_id,
1878
+ :resource_name,
1879
+ :relationship_name)
1880
+ include Aws::Structure
1881
+ end
1882
+
1883
+ # The details that identify a resource that is discovered by AWS Config,
1884
+ # including the resource type, ID, and (if available) the custom
1885
+ # resource name.
1886
+ # @!attribute [rw] resource_type
1887
+ # The type of resource.
1888
+ # @return [String]
1889
+ #
1890
+ # @!attribute [rw] resource_id
1891
+ # The ID of the resource (for example., `sg-xxxxxx`).
1892
+ # @return [String]
1893
+ #
1894
+ # @!attribute [rw] resource_name
1895
+ # The custom name of the resource (if available).
1896
+ # @return [String]
1897
+ #
1898
+ # @!attribute [rw] resource_deletion_time
1899
+ # The time that the resource was deleted.
1900
+ # @return [Time]
1901
+ class ResourceIdentifier < Struct.new(
1902
+ :resource_type,
1903
+ :resource_id,
1904
+ :resource_name,
1905
+ :resource_deletion_time)
1906
+ include Aws::Structure
1907
+ end
1908
+
1909
+ # Defines which resources trigger an evaluation for an AWS Config rule.
1910
+ # The scope can include one or more resource types, a combination of a
1911
+ # tag key and value, or a combination of one resource type and one
1912
+ # resource ID. Specify a scope to constrain which resources trigger an
1913
+ # evaluation for a rule. Otherwise, evaluations for the rule are
1914
+ # triggered when any resource in your recording group changes in
1915
+ # configuration.
1916
+ # @note When making an API call, pass Scope
1917
+ # data as a hash:
1918
+ #
1919
+ # {
1920
+ # compliance_resource_types: ["StringWithCharLimit256"],
1921
+ # tag_key: "StringWithCharLimit128",
1922
+ # tag_value: "StringWithCharLimit256",
1923
+ # compliance_resource_id: "StringWithCharLimit256",
1924
+ # }
1925
+ # @!attribute [rw] compliance_resource_types
1926
+ # The resource types of only those AWS resources that you want to
1927
+ # trigger an evaluation for the rule. You can only specify one type if
1928
+ # you also specify a resource ID for `ComplianceResourceId`.
1929
+ # @return [Array<String>]
1930
+ #
1931
+ # @!attribute [rw] tag_key
1932
+ # The tag key that is applied to only those AWS resources that you
1933
+ # want you want to trigger an evaluation for the rule.
1934
+ # @return [String]
1935
+ #
1936
+ # @!attribute [rw] tag_value
1937
+ # The tag value applied to only those AWS resources that you want to
1938
+ # trigger an evaluation for the rule. If you specify a value for
1939
+ # `TagValue`, you must also specify a value for `TagKey`.
1940
+ # @return [String]
1941
+ #
1942
+ # @!attribute [rw] compliance_resource_id
1943
+ # The IDs of the only AWS resource that you want to trigger an
1944
+ # evaluation for the rule. If you specify a resource ID, you must
1945
+ # specify one resource type for `ComplianceResourceTypes`.
1946
+ # @return [String]
1947
+ class Scope < Struct.new(
1948
+ :compliance_resource_types,
1949
+ :tag_key,
1950
+ :tag_value,
1951
+ :compliance_resource_id)
1952
+ include Aws::Structure
1953
+ end
1954
+
1955
+ # Provides the AWS Config rule owner (AWS or customer), the rule
1956
+ # identifier, and the events that trigger the evaluation of your AWS
1957
+ # resources.
1958
+ # @note When making an API call, pass Source
1959
+ # data as a hash:
1960
+ #
1961
+ # {
1962
+ # owner: "CUSTOM_LAMBDA", # accepts CUSTOM_LAMBDA, AWS
1963
+ # source_identifier: "StringWithCharLimit256",
1964
+ # source_details: [
1965
+ # {
1966
+ # event_source: "aws.config", # accepts aws.config
1967
+ # message_type: "ConfigurationItemChangeNotification", # accepts ConfigurationItemChangeNotification, ConfigurationSnapshotDeliveryCompleted, ScheduledNotification
1968
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
1969
+ # },
1970
+ # ],
1971
+ # }
1972
+ # @!attribute [rw] owner
1973
+ # Indicates whether AWS or the customer owns and manages the AWS
1974
+ # Config rule.
1975
+ # @return [String]
1976
+ #
1977
+ # @!attribute [rw] source_identifier
1978
+ # For AWS Config managed rules, a predefined identifier from a list.
1979
+ # For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a
1980
+ # managed rule, see [Using AWS Managed Config Rules][1].
1981
+ #
1982
+ # For custom rules, the identifier is the Amazon Resource Name (ARN)
1983
+ # of the rule's AWS Lambda function, such as
1984
+ # `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name`.
1985
+ #
1986
+ #
1987
+ #
1988
+ # [1]: http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html
1989
+ # @return [String]
1990
+ #
1991
+ # @!attribute [rw] source_details
1992
+ # Provides the source and type of the event that causes AWS Config to
1993
+ # evaluate your AWS resources.
1994
+ # @return [Array<Types::SourceDetail>]
1995
+ class Source < Struct.new(
1996
+ :owner,
1997
+ :source_identifier,
1998
+ :source_details)
1999
+ include Aws::Structure
2000
+ end
2001
+
2002
+ # Provides the source and the message types that trigger AWS Config to
2003
+ # evaluate your AWS resources against a rule. It also provides the
2004
+ # frequency with which you want AWS Config to run evaluations for the
2005
+ # rule if the trigger type is periodic. You can specify the parameter
2006
+ # values for `SourceDetail` only for custom rules.
2007
+ # @note When making an API call, pass SourceDetail
2008
+ # data as a hash:
2009
+ #
2010
+ # {
2011
+ # event_source: "aws.config", # accepts aws.config
2012
+ # message_type: "ConfigurationItemChangeNotification", # accepts ConfigurationItemChangeNotification, ConfigurationSnapshotDeliveryCompleted, ScheduledNotification
2013
+ # maximum_execution_frequency: "One_Hour", # accepts One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours
2014
+ # }
2015
+ # @!attribute [rw] event_source
2016
+ # The source of the event, such as an AWS service, that triggers AWS
2017
+ # Config to evaluate your AWS resources.
2018
+ # @return [String]
2019
+ #
2020
+ # @!attribute [rw] message_type
2021
+ # The type of notification that triggers AWS Config to run an
2022
+ # evaluation. You can specify the following notification types:
2023
+ #
2024
+ # `ConfigurationItemChangeNotification` - Triggers an evaluation when
2025
+ # AWS Config delivers a configuration item change notification.
2026
+ #
2027
+ # `ScheduledNotification` - Triggers a periodic evaluation at the
2028
+ # frequency specified for `MaximumExecutionFrequency`.
2029
+ #
2030
+ # `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic
2031
+ # evaluation when AWS Config delivers a configuration snapshot.
2032
+ # @return [String]
2033
+ #
2034
+ # @!attribute [rw] maximum_execution_frequency
2035
+ # The frequency that you want AWS Config to run evaluations for a rule
2036
+ # that is triggered periodically. If you specify a value for
2037
+ # `MaximumExecutionFrequency`, then `MessageType` must use the
2038
+ # `ScheduledNotification` value.
2039
+ # @return [String]
2040
+ class SourceDetail < Struct.new(
2041
+ :event_source,
2042
+ :message_type,
2043
+ :maximum_execution_frequency)
2044
+ include Aws::Structure
2045
+ end
2046
+
2047
+ # @note When making an API call, pass StartConfigRulesEvaluationRequest
2048
+ # data as a hash:
2049
+ #
2050
+ # {
2051
+ # config_rule_names: ["StringWithCharLimit64"],
2052
+ # }
2053
+ # @!attribute [rw] config_rule_names
2054
+ # The list of names of Config rules that you want to run evaluations
2055
+ # for.
2056
+ # @return [Array<String>]
2057
+ class StartConfigRulesEvaluationRequest < Struct.new(
2058
+ :config_rule_names)
2059
+ include Aws::Structure
2060
+ end
2061
+
2062
+ # The output when you start the evaluation for the specified Config
2063
+ # rule.
2064
+ class StartConfigRulesEvaluationResponse < Aws::EmptyStructure; end
2065
+
2066
+ # The input for the StartConfigurationRecorder action.
2067
+ # @note When making an API call, pass StartConfigurationRecorderRequest
2068
+ # data as a hash:
2069
+ #
2070
+ # {
2071
+ # configuration_recorder_name: "RecorderName", # required
2072
+ # }
2073
+ # @!attribute [rw] configuration_recorder_name
2074
+ # The name of the recorder object that records each configuration
2075
+ # change made to the resources.
2076
+ # @return [String]
2077
+ class StartConfigurationRecorderRequest < Struct.new(
2078
+ :configuration_recorder_name)
2079
+ include Aws::Structure
2080
+ end
2081
+
2082
+ # The input for the StopConfigurationRecorder action.
2083
+ # @note When making an API call, pass StopConfigurationRecorderRequest
2084
+ # data as a hash:
2085
+ #
2086
+ # {
2087
+ # configuration_recorder_name: "RecorderName", # required
2088
+ # }
2089
+ # @!attribute [rw] configuration_recorder_name
2090
+ # The name of the recorder object that records each configuration
2091
+ # change made to the resources.
2092
+ # @return [String]
2093
+ class StopConfigurationRecorderRequest < Struct.new(
2094
+ :configuration_recorder_name)
2095
+ include Aws::Structure
2096
+ end
2097
+
2098
+ end
2099
+ end
2100
+ end