aws-sdk-configservice 1.89.0 → 1.91.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-configservice/client.rb +66 -48
- data/lib/aws-sdk-configservice/client_api.rb +11 -0
- data/lib/aws-sdk-configservice/types.rb +369 -104
- data/lib/aws-sdk-configservice.rb +1 -1
- metadata +4 -4
@@ -1393,29 +1393,82 @@ module Aws::ConfigService
|
|
1393
1393
|
include Aws::Structure
|
1394
1394
|
end
|
1395
1395
|
|
1396
|
-
#
|
1397
|
-
#
|
1396
|
+
# Records configuration changes to specified resource types. For more
|
1397
|
+
# information about the configuration recorder, see [ **Managing the
|
1398
|
+
# Configuration Recorder** ][1] in the *Config Developer Guide*.
|
1399
|
+
#
|
1400
|
+
#
|
1401
|
+
#
|
1402
|
+
# [1]: https://docs.aws.amazon.com/config/latest/developerguide/stop-start-recorder.html
|
1398
1403
|
#
|
1399
1404
|
# @!attribute [rw] name
|
1400
|
-
# The name of the recorder.
|
1401
|
-
# the name "default" when creating the configuration recorder.
|
1402
|
-
#
|
1405
|
+
# The name of the configuration recorder. Config automatically assigns
|
1406
|
+
# the name of "default" when creating the configuration recorder.
|
1407
|
+
#
|
1408
|
+
# You cannot change the name of the configuration recorder after it
|
1409
|
+
# has been created. To change the configuration recorder name, you
|
1410
|
+
# must delete it and create a new configuration recorder with a new
|
1411
|
+
# name.
|
1403
1412
|
# @return [String]
|
1404
1413
|
#
|
1405
1414
|
# @!attribute [rw] role_arn
|
1406
|
-
# Amazon Resource Name (ARN) of the IAM role
|
1407
|
-
#
|
1415
|
+
# Amazon Resource Name (ARN) of the IAM role assumed by Config and
|
1416
|
+
# used by the configuration recorder.
|
1408
1417
|
#
|
1409
1418
|
# <note markdown="1"> While the API model does not require this field, the server will
|
1410
|
-
# reject a request without a defined roleARN for the configuration
|
1419
|
+
# reject a request without a defined `roleARN` for the configuration
|
1411
1420
|
# recorder.
|
1412
1421
|
#
|
1413
1422
|
# </note>
|
1423
|
+
#
|
1424
|
+
# <note markdown="1"> **Pre-existing Config role**
|
1425
|
+
#
|
1426
|
+
# If you have used an Amazon Web Services service that uses Config,
|
1427
|
+
# such as Security Hub or Control Tower, and an Config role has
|
1428
|
+
# already been created, make sure that the IAM role that you use when
|
1429
|
+
# setting up Config keeps the same minimum permissions as the already
|
1430
|
+
# created Config role. You must do this so that the other Amazon Web
|
1431
|
+
# Services service continues to run as expected.
|
1432
|
+
#
|
1433
|
+
# For example, if Control Tower has an IAM role that allows Config to
|
1434
|
+
# read Amazon Simple Storage Service (Amazon S3) objects, make sure
|
1435
|
+
# that the same permissions are granted within the IAM role you use
|
1436
|
+
# when setting up Config. Otherwise, it may interfere with how Control
|
1437
|
+
# Tower operates. For more information about IAM roles for Config, see
|
1438
|
+
# [ **Identity and Access Management for Config** ][1] in the *Config
|
1439
|
+
# Developer Guide*.
|
1440
|
+
#
|
1441
|
+
# </note>
|
1442
|
+
#
|
1443
|
+
#
|
1444
|
+
#
|
1445
|
+
# [1]: https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html
|
1414
1446
|
# @return [String]
|
1415
1447
|
#
|
1416
1448
|
# @!attribute [rw] recording_group
|
1417
|
-
# Specifies
|
1418
|
-
#
|
1449
|
+
# Specifies which resource types Config records for configuration
|
1450
|
+
# changes.
|
1451
|
+
#
|
1452
|
+
# <note markdown="1"> <b> High Number of Config Evaluations</b>
|
1453
|
+
#
|
1454
|
+
# You may notice increased activity in your account during your
|
1455
|
+
# initial month recording with Config when compared to subsequent
|
1456
|
+
# months. During the initial bootstrapping process, Config runs
|
1457
|
+
# evaluations on all the resources in your account that you have
|
1458
|
+
# selected for Config to record.
|
1459
|
+
#
|
1460
|
+
# If you are running ephemeral workloads, you may see increased
|
1461
|
+
# activity from Config as it records configuration changes associated
|
1462
|
+
# with creating and deleting these temporary resources. An *ephemeral
|
1463
|
+
# workload* is a temporary use of computing resources that are loaded
|
1464
|
+
# and run when needed. Examples include Amazon Elastic Compute Cloud
|
1465
|
+
# (Amazon EC2) Spot Instances, Amazon EMR jobs, and Auto Scaling. If
|
1466
|
+
# you want to avoid the increased activity from running ephemeral
|
1467
|
+
# workloads, you can run these types of workloads in a separate
|
1468
|
+
# account with Config turned off to avoid increased configuration
|
1469
|
+
# recording and rule evaluations.
|
1470
|
+
#
|
1471
|
+
# </note>
|
1419
1472
|
# @return [Types::RecordingGroup]
|
1420
1473
|
#
|
1421
1474
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ConfigurationRecorder AWS API Documentation
|
@@ -2550,7 +2603,7 @@ module Aws::ConfigService
|
|
2550
2603
|
# Returns a filtered list of Detective or Proactive Config rules. By
|
2551
2604
|
# default, if the filter is not defined, this API returns an unfiltered
|
2552
2605
|
# list. For more information on Detective or Proactive Config rules, see
|
2553
|
-
# [ **Evaluation Mode** ][1] in the Config Developer Guide
|
2606
|
+
# [ **Evaluation Mode** ][1] in the *Config Developer Guide*.
|
2554
2607
|
#
|
2555
2608
|
#
|
2556
2609
|
#
|
@@ -2583,7 +2636,7 @@ module Aws::ConfigService
|
|
2583
2636
|
# Returns a list of Detective or Proactive Config rules. By default,
|
2584
2637
|
# this API returns an unfiltered list. For more information on
|
2585
2638
|
# Detective or Proactive Config rules, see [ **Evaluation Mode** ][1]
|
2586
|
-
# in the Config Developer Guide
|
2639
|
+
# in the *Config Developer Guide*.
|
2587
2640
|
#
|
2588
2641
|
#
|
2589
2642
|
#
|
@@ -3567,6 +3620,23 @@ module Aws::ConfigService
|
|
3567
3620
|
include Aws::Structure
|
3568
3621
|
end
|
3569
3622
|
|
3623
|
+
# Specifies whether the configuration recorder excludes resource types
|
3624
|
+
# from being recorded. Use the `resourceTypes` field to enter a
|
3625
|
+
# comma-separated list of resource types to exclude as exemptions.
|
3626
|
+
#
|
3627
|
+
# @!attribute [rw] resource_types
|
3628
|
+
# A comma-separated list of resource types to exclude from recording
|
3629
|
+
# by the configuration recorder.
|
3630
|
+
# @return [Array<String>]
|
3631
|
+
#
|
3632
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ExclusionByResourceTypes AWS API Documentation
|
3633
|
+
#
|
3634
|
+
class ExclusionByResourceTypes < Struct.new(
|
3635
|
+
:resource_types)
|
3636
|
+
SENSITIVE = []
|
3637
|
+
include Aws::Structure
|
3638
|
+
end
|
3639
|
+
|
3570
3640
|
# The controls that Config uses for executing remediations.
|
3571
3641
|
#
|
3572
3642
|
# @!attribute [rw] ssm_controls
|
@@ -4692,7 +4762,8 @@ module Aws::ConfigService
|
|
4692
4762
|
#
|
4693
4763
|
class InsufficientPermissionsException < Aws::EmptyStructure; end
|
4694
4764
|
|
4695
|
-
# You have provided a configuration recorder
|
4765
|
+
# You have provided a name for the configuration recorder that is not
|
4766
|
+
# valid.
|
4696
4767
|
#
|
4697
4768
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/InvalidConfigurationRecorderNameException AWS API Documentation
|
4698
4769
|
#
|
@@ -4731,9 +4802,31 @@ module Aws::ConfigService
|
|
4731
4802
|
#
|
4732
4803
|
class InvalidParameterValueException < Aws::EmptyStructure; end
|
4733
4804
|
|
4734
|
-
#
|
4735
|
-
#
|
4736
|
-
#
|
4805
|
+
# Indicates one of the following errors:
|
4806
|
+
#
|
4807
|
+
# * You have provided a combination of parameter values that is not
|
4808
|
+
# valid. For example:
|
4809
|
+
#
|
4810
|
+
# * Setting the `allSupported` field of [RecordingGroup][1] to `true`,
|
4811
|
+
# but providing a non-empty list for the `resourceTypes`field of
|
4812
|
+
# [RecordingGroup][1].
|
4813
|
+
#
|
4814
|
+
# * Setting the `allSupported` field of [RecordingGroup][1] to `true`,
|
4815
|
+
# but also setting the `useOnly` field of [RecordingStrategy][2] to
|
4816
|
+
# `EXCLUSION_BY_RESOURCE_TYPES`.
|
4817
|
+
#
|
4818
|
+
# * Every parameter is either null, false, or empty.
|
4819
|
+
#
|
4820
|
+
# * You have reached the limit of the number of resource types you can
|
4821
|
+
# provide for the recording group.
|
4822
|
+
#
|
4823
|
+
# * You have provided resource types or a recording strategy that are
|
4824
|
+
# not valid.
|
4825
|
+
#
|
4826
|
+
#
|
4827
|
+
#
|
4828
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
4829
|
+
# [2]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html
|
4737
4830
|
#
|
4738
4831
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/InvalidRecordingGroupException AWS API Documentation
|
4739
4832
|
#
|
@@ -4745,7 +4838,8 @@ module Aws::ConfigService
|
|
4745
4838
|
#
|
4746
4839
|
class InvalidResultTokenException < Aws::EmptyStructure; end
|
4747
4840
|
|
4748
|
-
# You have provided a null or empty
|
4841
|
+
# You have provided a null or empty Amazon Resource Name (ARN) for the
|
4842
|
+
# IAM role assumed by Config and used by the configuration recorder.
|
4749
4843
|
#
|
4750
4844
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/InvalidRoleException AWS API Documentation
|
4751
4845
|
#
|
@@ -5135,7 +5229,8 @@ module Aws::ConfigService
|
|
5135
5229
|
#
|
5136
5230
|
class MaxNumberOfConfigRulesExceededException < Aws::EmptyStructure; end
|
5137
5231
|
|
5138
|
-
# You have reached the limit of the number of recorders
|
5232
|
+
# You have reached the limit of the number of configuration recorders
|
5233
|
+
# you can create.
|
5139
5234
|
#
|
5140
5235
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/MaxNumberOfConfigurationRecordersExceededException AWS API Documentation
|
5141
5236
|
#
|
@@ -5143,7 +5238,7 @@ module Aws::ConfigService
|
|
5143
5238
|
|
5144
5239
|
# You have reached the limit of the number of conformance packs you can
|
5145
5240
|
# create in an account. For more information, see [ **Service Limits**
|
5146
|
-
# ][1] in the Config Developer Guide
|
5241
|
+
# ][1] in the *Config Developer Guide*.
|
5147
5242
|
#
|
5148
5243
|
#
|
5149
5244
|
#
|
@@ -5162,7 +5257,7 @@ module Aws::ConfigService
|
|
5162
5257
|
|
5163
5258
|
# You have reached the limit of the number of organization Config rules
|
5164
5259
|
# you can create. For more information, see see [ **Service Limits**
|
5165
|
-
# ][1] in the Config Developer Guide
|
5260
|
+
# ][1] in the *Config Developer Guide*.
|
5166
5261
|
#
|
5167
5262
|
#
|
5168
5263
|
#
|
@@ -5174,7 +5269,7 @@ module Aws::ConfigService
|
|
5174
5269
|
|
5175
5270
|
# You have reached the limit of the number of organization conformance
|
5176
5271
|
# packs you can create in an account. For more information, see [
|
5177
|
-
# **Service Limits** ][1] in the Config Developer Guide
|
5272
|
+
# **Service Limits** ][1] in the *Config Developer Guide*.
|
5178
5273
|
#
|
5179
5274
|
#
|
5180
5275
|
#
|
@@ -5880,12 +5975,12 @@ module Aws::ConfigService
|
|
5880
5975
|
include Aws::Structure
|
5881
5976
|
end
|
5882
5977
|
|
5883
|
-
#
|
5884
|
-
#
|
5885
|
-
#
|
5886
|
-
#
|
5887
|
-
# trigger
|
5888
|
-
#
|
5978
|
+
# metadata for your organization Config Custom Policy rule including the
|
5979
|
+
# runtime system in use, which accounts have debug logging enabled, and
|
5980
|
+
# other custom rule metadata such as resource type, resource ID of
|
5981
|
+
# Amazon Web Services resource, and organization trigger types that
|
5982
|
+
# trigger Config to evaluate Amazon Web Services resources against a
|
5983
|
+
# rule.
|
5889
5984
|
#
|
5890
5985
|
# @!attribute [rw] description
|
5891
5986
|
# The description that you provide for your organization Config Custom
|
@@ -5972,12 +6067,12 @@ module Aws::ConfigService
|
|
5972
6067
|
include Aws::Structure
|
5973
6068
|
end
|
5974
6069
|
|
5975
|
-
#
|
5976
|
-
#
|
5977
|
-
#
|
5978
|
-
#
|
5979
|
-
#
|
5980
|
-
#
|
6070
|
+
# organization custom rule metadata such as resource type, resource ID
|
6071
|
+
# of Amazon Web Services resource, Lambda function ARN, and organization
|
6072
|
+
# trigger types that trigger Config to evaluate your Amazon Web Services
|
6073
|
+
# resources against a rule. It also provides the frequency with which
|
6074
|
+
# you want Config to run evaluations for the rule if the trigger type is
|
6075
|
+
# periodic.
|
5981
6076
|
#
|
5982
6077
|
# @!attribute [rw] description
|
5983
6078
|
# The description that you provide for your organization Config rule.
|
@@ -6057,11 +6152,10 @@ module Aws::ConfigService
|
|
6057
6152
|
include Aws::Structure
|
6058
6153
|
end
|
6059
6154
|
|
6060
|
-
#
|
6061
|
-
#
|
6062
|
-
#
|
6063
|
-
#
|
6064
|
-
# periodic.
|
6155
|
+
# organization managed rule metadata such as resource type and ID of
|
6156
|
+
# Amazon Web Services resource along with the rule identifier. It also
|
6157
|
+
# provides the frequency with which you want Config to run evaluations
|
6158
|
+
# for the rule if the trigger type is periodic.
|
6065
6159
|
#
|
6066
6160
|
# @!attribute [rw] description
|
6067
6161
|
# The description that you provide for your organization Config rule.
|
@@ -6304,8 +6398,8 @@ module Aws::ConfigService
|
|
6304
6398
|
# The input for the PutConfigurationRecorder action.
|
6305
6399
|
#
|
6306
6400
|
# @!attribute [rw] configuration_recorder
|
6307
|
-
#
|
6308
|
-
#
|
6401
|
+
# An object for the configuration recorder to record configuration
|
6402
|
+
# changes for specified resource types.
|
6309
6403
|
# @return [Types::ConfigurationRecorder]
|
6310
6404
|
#
|
6311
6405
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationRecorderRequest AWS API Documentation
|
@@ -6818,51 +6912,39 @@ module Aws::ConfigService
|
|
6818
6912
|
include Aws::Structure
|
6819
6913
|
end
|
6820
6914
|
|
6821
|
-
# Specifies which
|
6822
|
-
#
|
6823
|
-
#
|
6824
|
-
# resources.
|
6915
|
+
# Specifies which resource types Config records for configuration
|
6916
|
+
# changes. In the recording group, you specify whether you want to
|
6917
|
+
# record all supported resource types or to include or exclude specific
|
6918
|
+
# types of resources.
|
6825
6919
|
#
|
6826
|
-
# By default, Config records
|
6827
|
-
# types of *
|
6828
|
-
# which it is running. Regional resources are tied to
|
6829
|
-
# be used only in that
|
6830
|
-
# instances and EBS volumes.
|
6920
|
+
# By default, Config records configuration changes for all supported
|
6921
|
+
# types of *Regional resources* that Config discovers in the Amazon Web
|
6922
|
+
# Services Region in which it is running. Regional resources are tied to
|
6923
|
+
# a Region and can be used only in that Region. Examples of Regional
|
6924
|
+
# resources are Amazon EC2 instances and Amazon EBS volumes.
|
6831
6925
|
#
|
6832
6926
|
# You can also have Config record supported types of *global resources*.
|
6833
|
-
# Global resources are not tied to a specific
|
6834
|
-
# all
|
6927
|
+
# Global resources are not tied to a specific Region and can be used in
|
6928
|
+
# all Regions. The global resource types that Config supports include
|
6835
6929
|
# IAM users, groups, roles, and customer managed policies.
|
6836
6930
|
#
|
6837
6931
|
# Global resource types onboarded to Config recording after February
|
6838
|
-
# 2022 will
|
6839
|
-
# commercial partition and Amazon Web Services GovCloud (US)
|
6840
|
-
# the GovCloud partition. You can view the
|
6841
|
-
# new global resource types only in their
|
6842
|
-
# Services GovCloud (US)
|
6843
|
-
#
|
6844
|
-
# Supported global resource types onboarded before February 2022 such
|
6845
|
-
# as
|
6846
|
-
# `AWS::IAM::Group`, `AWS::IAM::Policy`, `AWS::IAM::Role`,
|
6847
|
-
# `AWS::IAM::User` remain unchanged, and they will continue to deliver
|
6848
|
-
# Configuration Items in all supported regions in Config. The change
|
6849
|
-
# will only affect new global resource types onboarded after February
|
6850
|
-
# 2022.
|
6851
|
-
#
|
6852
|
-
# To record global resource types onboarded after February 2022, enable
|
6853
|
-
# All Supported Resource Types in the home region of the global resource
|
6854
|
-
# type you want to record.
|
6932
|
+
# 2022 will be recorded only in the service's home Region for the
|
6933
|
+
# commercial partition and Amazon Web Services GovCloud (US-West) for
|
6934
|
+
# the Amazon Web Services GovCloud (US) partition. You can view the
|
6935
|
+
# Configuration Items for these new global resource types only in their
|
6936
|
+
# home Region and Amazon Web Services GovCloud (US-West).
|
6855
6937
|
#
|
6856
6938
|
# If you don't want Config to record all resources, you can specify
|
6857
|
-
# which types of resources
|
6939
|
+
# which types of resources Config records with the `resourceTypes`
|
6858
6940
|
# parameter.
|
6859
6941
|
#
|
6860
6942
|
# For a list of supported resource types, see [Supported Resource
|
6861
|
-
# Types][1]
|
6943
|
+
# Types][1] in the *Config developer guide*.
|
6862
6944
|
#
|
6863
6945
|
# For more information and a table of the Home Regions for Global
|
6864
6946
|
# Resource Types Onboarded after February 2022, see [Selecting Which
|
6865
|
-
# Resources Config Records][2]
|
6947
|
+
# Resources Config Records][2] in the *Config developer guide*.
|
6866
6948
|
#
|
6867
6949
|
#
|
6868
6950
|
#
|
@@ -6870,62 +6952,245 @@ module Aws::ConfigService
|
|
6870
6952
|
# [2]: https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html
|
6871
6953
|
#
|
6872
6954
|
# @!attribute [rw] all_supported
|
6873
|
-
# Specifies whether Config records configuration changes for
|
6874
|
-
# supported
|
6955
|
+
# Specifies whether Config records configuration changes for all
|
6956
|
+
# supported regional resource types.
|
6875
6957
|
#
|
6876
|
-
# If you set this
|
6877
|
-
# type of regional resource,
|
6958
|
+
# If you set this field to `true`, when Config adds support for a new
|
6959
|
+
# type of regional resource, Config starts recording resources of that
|
6878
6960
|
# type automatically.
|
6879
6961
|
#
|
6880
|
-
# If you set this
|
6881
|
-
# `resourceTypes
|
6962
|
+
# If you set this field to `true`, you cannot enumerate specific
|
6963
|
+
# resource types to record in the `resourceTypes` field of
|
6964
|
+
# [RecordingGroup][1], or to exclude in the `resourceTypes` field of
|
6965
|
+
# [ExclusionByResourceTypes][2].
|
6966
|
+
#
|
6967
|
+
#
|
6968
|
+
#
|
6969
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
6970
|
+
# [2]: https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html
|
6882
6971
|
# @return [Boolean]
|
6883
6972
|
#
|
6884
6973
|
# @!attribute [rw] include_global_resource_types
|
6885
|
-
# Specifies whether Config
|
6886
|
-
#
|
6887
|
-
#
|
6974
|
+
# Specifies whether Config records configuration changes for all
|
6975
|
+
# supported global resources.
|
6976
|
+
#
|
6977
|
+
# Before you set this field to `true`, set the `allSupported` field of
|
6978
|
+
# [RecordingGroup][1] to `true`. Optionally, you can set the `useOnly`
|
6979
|
+
# field of [RecordingStrategy][2] to `ALL_SUPPORTED_RESOURCE_TYPES`.
|
6888
6980
|
#
|
6889
|
-
#
|
6890
|
-
#
|
6981
|
+
# If you set this field to `true`, when Config adds support for a new
|
6982
|
+
# type of global resource in the Region where you set up the
|
6983
|
+
# configuration recorder, Config starts recording resources of that
|
6984
|
+
# type automatically.
|
6891
6985
|
#
|
6892
|
-
# If you set this
|
6893
|
-
#
|
6894
|
-
#
|
6986
|
+
# <note markdown="1"> If you set this field to `false` but list global resource types in
|
6987
|
+
# the `resourceTypes` field of [RecordingGroup][1], Config will still
|
6988
|
+
# record configuration changes for those specified resource types
|
6989
|
+
# *regardless* of if you set the `includeGlobalResourceTypes` field to
|
6990
|
+
# false.
|
6895
6991
|
#
|
6896
|
-
#
|
6897
|
-
#
|
6898
|
-
#
|
6899
|
-
#
|
6992
|
+
# If you do not want to record configuration changes to global
|
6993
|
+
# resource types, make sure to not list them in the `resourceTypes`
|
6994
|
+
# field in addition to setting the `includeGlobalResourceTypes` field
|
6995
|
+
# to false.
|
6996
|
+
#
|
6997
|
+
# </note>
|
6998
|
+
#
|
6999
|
+
#
|
7000
|
+
#
|
7001
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
7002
|
+
# [2]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html
|
6900
7003
|
# @return [Boolean]
|
6901
7004
|
#
|
6902
7005
|
# @!attribute [rw] resource_types
|
6903
|
-
# A comma-separated list that specifies
|
6904
|
-
#
|
6905
|
-
#
|
7006
|
+
# A comma-separated list that specifies which resource types Config
|
7007
|
+
# records.
|
7008
|
+
#
|
7009
|
+
# Optionally, you can set the `useOnly` field of
|
7010
|
+
# [RecordingStrategy][1] to `INCLUSION_BY_RESOURCE_TYPES`.
|
7011
|
+
#
|
7012
|
+
# To record all configuration changes, set the `allSupported` field of
|
7013
|
+
# [RecordingGroup][2] to `true`, and either omit this field or don't
|
7014
|
+
# specify any resource types in this field. If you set the
|
7015
|
+
# `allSupported` field to `false` and specify values for
|
7016
|
+
# `resourceTypes`, when Config adds support for a new type of
|
7017
|
+
# resource, it will not record resources of that type unless you
|
7018
|
+
# manually add that type to your recording group.
|
7019
|
+
#
|
7020
|
+
# For a list of valid `resourceTypes` values, see the **Resource Type
|
7021
|
+
# Value** column in [Supported Amazon Web Services resource Types][3]
|
7022
|
+
# in the *Config developer guide*.
|
6906
7023
|
#
|
6907
|
-
#
|
6908
|
-
# option to `true`.
|
7024
|
+
# <note markdown="1"> **Region Availability**
|
6909
7025
|
#
|
6910
|
-
#
|
6911
|
-
#
|
6912
|
-
#
|
6913
|
-
#
|
7026
|
+
# Before specifying a resource type for Config to track, check
|
7027
|
+
# [Resource Coverage by Region Availability][4] to see if the resource
|
7028
|
+
# type is supported in the Amazon Web Services Region where you set up
|
7029
|
+
# Config. If a resource type is supported by Config in at least one
|
7030
|
+
# Region, you can enable the recording of that resource type in all
|
7031
|
+
# Regions supported by Config, even if the specified resource type is
|
7032
|
+
# not supported in the Amazon Web Services Region where you set up
|
7033
|
+
# Config.
|
6914
7034
|
#
|
6915
|
-
#
|
6916
|
-
# Value** column in [Supported Amazon Web Services resource Types][1].
|
7035
|
+
# </note>
|
6917
7036
|
#
|
6918
7037
|
#
|
6919
7038
|
#
|
6920
|
-
# [1]: https://docs.aws.amazon.com/config/latest/
|
7039
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html
|
7040
|
+
# [2]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
7041
|
+
# [3]: https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources
|
7042
|
+
# [4]: https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html
|
6921
7043
|
# @return [Array<String>]
|
6922
7044
|
#
|
7045
|
+
# @!attribute [rw] exclusion_by_resource_types
|
7046
|
+
# An object that specifies how Config excludes resource types from
|
7047
|
+
# being recorded by the configuration recorder.
|
7048
|
+
#
|
7049
|
+
# To use this option, you must set the `useOnly` field of
|
7050
|
+
# [RecordingStrategy][1] to `EXCLUSION_BY_RESOURCE_TYPES`.
|
7051
|
+
#
|
7052
|
+
#
|
7053
|
+
#
|
7054
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html
|
7055
|
+
# @return [Types::ExclusionByResourceTypes]
|
7056
|
+
#
|
7057
|
+
# @!attribute [rw] recording_strategy
|
7058
|
+
# An object that specifies the recording strategy for the
|
7059
|
+
# configuration recorder.
|
7060
|
+
#
|
7061
|
+
# * If you set the `useOnly` field of [RecordingStrategy][1] to
|
7062
|
+
# `ALL_SUPPORTED_RESOURCE_TYPES`, Config records configuration
|
7063
|
+
# changes for all supported regional resource types. You also must
|
7064
|
+
# set the `allSupported` field of [RecordingGroup][2] to `true`.
|
7065
|
+
# When Config adds support for a new type of regional resource,
|
7066
|
+
# Config automatically starts recording resources of that type.
|
7067
|
+
#
|
7068
|
+
# * If you set the `useOnly` field of [RecordingStrategy][1] to
|
7069
|
+
# `INCLUSION_BY_RESOURCE_TYPES`, Config records configuration
|
7070
|
+
# changes for only the resource types you specify in the
|
7071
|
+
# `resourceTypes` field of [RecordingGroup][2].
|
7072
|
+
#
|
7073
|
+
# * If you set the `useOnly` field of [RecordingStrategy][1] to
|
7074
|
+
# `EXCLUSION_BY_RESOURCE_TYPES`, Config records configuration
|
7075
|
+
# changes for all supported resource types except the resource types
|
7076
|
+
# that you specify as exemptions to exclude from being recorded in
|
7077
|
+
# the `resourceTypes` field of [ExclusionByResourceTypes][3].
|
7078
|
+
#
|
7079
|
+
# <note markdown="1"> The `recordingStrategy` field is optional when you set the
|
7080
|
+
# `allSupported` field of [RecordingGroup][2] to `true`.
|
7081
|
+
#
|
7082
|
+
# The `recordingStrategy` field is optional when you list resource
|
7083
|
+
# types in the `resourceTypes` field of [RecordingGroup][2].
|
7084
|
+
#
|
7085
|
+
# The `recordingStrategy` field is required if you list resource types
|
7086
|
+
# to exclude from recording in the `resourceTypes` field of
|
7087
|
+
# [ExclusionByResourceTypes][3].
|
7088
|
+
#
|
7089
|
+
# </note>
|
7090
|
+
#
|
7091
|
+
# <note markdown="1"> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording
|
7092
|
+
# strategy, the `exclusionByResourceTypes` field will override other
|
7093
|
+
# properties in the request.
|
7094
|
+
#
|
7095
|
+
# For example, even if you set `includeGlobalResourceTypes` to false,
|
7096
|
+
# global resource types will still be automatically recorded in this
|
7097
|
+
# option unless those resource types are specifically listed as
|
7098
|
+
# exemptions in the `resourceTypes` field of
|
7099
|
+
# `exclusionByResourceTypes`.
|
7100
|
+
#
|
7101
|
+
# By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES`
|
7102
|
+
# recording strategy, when Config adds support for a new resource type
|
7103
|
+
# in the Region where you set up the configuration recorder, including
|
7104
|
+
# global resource types, Config starts recording resources of that
|
7105
|
+
# type automatically.
|
7106
|
+
#
|
7107
|
+
# </note>
|
7108
|
+
#
|
7109
|
+
#
|
7110
|
+
#
|
7111
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html
|
7112
|
+
# [2]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
7113
|
+
# [3]: https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html
|
7114
|
+
# @return [Types::RecordingStrategy]
|
7115
|
+
#
|
6923
7116
|
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/RecordingGroup AWS API Documentation
|
6924
7117
|
#
|
6925
7118
|
class RecordingGroup < Struct.new(
|
6926
7119
|
:all_supported,
|
6927
7120
|
:include_global_resource_types,
|
6928
|
-
:resource_types
|
7121
|
+
:resource_types,
|
7122
|
+
:exclusion_by_resource_types,
|
7123
|
+
:recording_strategy)
|
7124
|
+
SENSITIVE = []
|
7125
|
+
include Aws::Structure
|
7126
|
+
end
|
7127
|
+
|
7128
|
+
# Specifies the recording strategy of the configuration recorder.
|
7129
|
+
#
|
7130
|
+
# @!attribute [rw] use_only
|
7131
|
+
# The recording strategy for the configuration recorder.
|
7132
|
+
#
|
7133
|
+
# * If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES`, Config
|
7134
|
+
# records configuration changes for all supported regional resource
|
7135
|
+
# types. You also must set the `allSupported` field of
|
7136
|
+
# [RecordingGroup][1] to `true`.
|
7137
|
+
#
|
7138
|
+
# When Config adds support for a new type of regional resource,
|
7139
|
+
# Config automatically starts recording resources of that type. For
|
7140
|
+
# a list of supported resource types, see [Supported Resource
|
7141
|
+
# Types][2] in the *Config developer guide*.
|
7142
|
+
#
|
7143
|
+
# * If you set this option to `INCLUSION_BY_RESOURCE_TYPES`, Config
|
7144
|
+
# records configuration changes for only the resource types that you
|
7145
|
+
# specify in the `resourceTypes` field of [RecordingGroup][1].
|
7146
|
+
#
|
7147
|
+
# * If you set this option to `EXCLUSION_BY_RESOURCE_TYPES`, Config
|
7148
|
+
# records configuration changes for all supported resource types,
|
7149
|
+
# except the resource types that you specify as exemptions to
|
7150
|
+
# exclude from being recorded in the `resourceTypes` field of
|
7151
|
+
# [ExclusionByResourceTypes][3].
|
7152
|
+
#
|
7153
|
+
# <note markdown="1"> The `recordingStrategy` field is optional when you set the
|
7154
|
+
# `allSupported` field of [RecordingGroup][1] to `true`.
|
7155
|
+
#
|
7156
|
+
# The `recordingStrategy` field is optional when you list resource
|
7157
|
+
# types in the `resourceTypes` field of [RecordingGroup][1].
|
7158
|
+
#
|
7159
|
+
# The `recordingStrategy` field is required if you list resource types
|
7160
|
+
# to exclude from recording in the `resourceTypes` field of
|
7161
|
+
# [ExclusionByResourceTypes][3].
|
7162
|
+
#
|
7163
|
+
# </note>
|
7164
|
+
#
|
7165
|
+
# <note markdown="1"> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording
|
7166
|
+
# strategy, the `exclusionByResourceTypes` field will override other
|
7167
|
+
# properties in the request.
|
7168
|
+
#
|
7169
|
+
# For example, even if you set `includeGlobalResourceTypes` to false,
|
7170
|
+
# global resource types will still be automatically recorded in this
|
7171
|
+
# option unless those resource types are specifically listed as
|
7172
|
+
# exemptions in the `resourceTypes` field of
|
7173
|
+
# `exclusionByResourceTypes`.
|
7174
|
+
#
|
7175
|
+
# By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES`
|
7176
|
+
# recording strategy, when Config adds support for a new resource type
|
7177
|
+
# in the Region where you set up the configuration recorder, including
|
7178
|
+
# global resource types, Config starts recording resources of that
|
7179
|
+
# type automatically.
|
7180
|
+
#
|
7181
|
+
# </note>
|
7182
|
+
#
|
7183
|
+
#
|
7184
|
+
#
|
7185
|
+
# [1]: https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html
|
7186
|
+
# [2]: https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources
|
7187
|
+
# [3]: https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html
|
7188
|
+
# @return [String]
|
7189
|
+
#
|
7190
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/RecordingStrategy AWS API Documentation
|
7191
|
+
#
|
7192
|
+
class RecordingStrategy < Struct.new(
|
7193
|
+
:use_only)
|
6929
7194
|
SENSITIVE = []
|
6930
7195
|
include Aws::Structure
|
6931
7196
|
end
|
@@ -8224,8 +8489,8 @@ module Aws::ConfigService
|
|
8224
8489
|
end
|
8225
8490
|
|
8226
8491
|
# You have reached the limit of the number of tags you can use. For more
|
8227
|
-
# information, see [ **Service Limits** ][1] in the Config Developer
|
8228
|
-
# Guide
|
8492
|
+
# information, see [ **Service Limits** ][1] in the *Config Developer
|
8493
|
+
# Guide*.
|
8229
8494
|
#
|
8230
8495
|
#
|
8231
8496
|
#
|