@aws-sdk/client-controltower 3.427.0 → 3.428.0

package/README.md

@@ -6,22 +6,31 @@
 
 AWS SDK for JavaScript ControlTower Client for Node.js, Browser and React Native.
 
-<p>These interfaces allow you to apply the AWS library of pre-defined <i>controls</i> to your
-organizational units, programmatically. In this context, controls are the same as AWS Control Tower guardrails.</p>
+<p>These interfaces allow you to apply the AWS library of pre-defined
+<i>controls</i> to your organizational units, programmatically. In AWS Control Tower, the terms "control" and "guardrail" are synonyms.   .</p>
 <p>To call these APIs, you'll need to know:</p>
 <ul>
 <li>
-<p>the <code>ControlARN</code> for the control--that is, the
-guardrail--you are targeting,</p>
+<p>the <code>controlIdentifier</code> for the control--or guardrail--you are targeting.</p>
 </li>
 <li>
-<p>and the ARN associated with the target organizational unit (OU).</p>
+<p>the ARN associated with the target organizational unit (OU), which we call the <code>targetIdentifier</code>.</p>
 </li>
 </ul>
 <p>
-<b>To get the <code>ControlARN</code> for your AWS Control Tower guardrail:</b>
+<b>To get the <code>controlIdentifier</code> for your AWS Control Tower
+control:</b>
 </p>
-<p>The <code>ControlARN</code> contains the control name which is specified in each guardrail. For a list of control names for <i>Strongly recommended</i> and <i>Elective</i> guardrails, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/automating-tasks.html">Automating tasks section</a> of the AWS Control Tower User Guide. Remember that <i>Mandatory</i> guardrails cannot be added or removed.</p>
+<p>The <code>controlIdentifier</code> is an ARN that is specified for each
+control. You can view the <code>controlIdentifier</code> in the console on the <b>Control details</b> page, as well as in the documentation.</p>
+<p>The <code>controlIdentifier</code> is unique in each AWS Region for each control. You can
+find the <code>controlIdentifier</code> for each Region and control in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Tables of control metadata</a> in the <i>AWS Control Tower User Guide.</i>
+</p>
+<p>A quick-reference list of control identifers for the AWS Control Tower legacy <i>Strongly recommended</i> and
+<i>Elective</i> controls is given in <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for
+APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">Controls reference guide section</a>
+of the <i>AWS Control Tower User Guide</i>. Remember that <i>Mandatory</i> controls
+cannot be added or removed.</p>
 <note>
 <p>
 <b>ARN format:</b>
@@ -35,8 +44,9 @@ guardrail--you are targeting,</p>
 </p>
 </note>
 <p>
-<b>To get the ARN for an OU:</b>
+<b>To get the <code>targetIdentifier</code>:</b>
 </p>
+<p>The <code>targetIdentifier</code> is the ARN for an OU.</p>
 <p>In the AWS Organizations console, you can find the ARN for the OU on the <b>Organizational unit details</b> page associated with that OU.</p>
 <note>
 <p>
@@ -52,17 +62,32 @@ guardrail--you are targeting,</p>
 <ul>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of resource identifiers for APIs and guardrails</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-api-examples-short.html">Control API input and output examples with CLI</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with CloudFormation</a>
 </p>
 </li>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/guardrail-api-examples-short.html">Guardrail API examples (CLI)</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Control metadata tables</a>
 </p>
 </li>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with AWS CloudFormation</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of identifiers for legacy controls</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls.html">Controls reference guide</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls-reference.html">Controls library groupings</a>
 </p>
 </li>
 <li>
@@ -76,7 +101,14 @@ guardrail--you are targeting,</p>
 <p>
 <b>Recording API Requests</b>
 </p>
-<p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the AWS Control Tower service received, who made the request and when, and so on. For more about AWS Control Tower and its support for CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User Guide.</p>
+<p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your
+AWS account and delivers log files to an Amazon S3 bucket. By using information collected by
+CloudTrail, you can determine which requests the AWS Control Tower service received, who made
+the request and when, and so on. For more about AWS Control Tower and its support for
+CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower
+Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about
+CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User
+Guide.</p>
 
 ## Installing
 
@@ -296,6 +328,14 @@ GetControlOperation
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/classes/getcontroloperationcommand.html) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getcontroloperationcommandinput.html) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getcontroloperationcommandoutput.html)
 
+</details>
+<details>
+<summary>
+GetEnabledControl
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/classes/getenabledcontrolcommand.html) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getenabledcontrolcommandinput.html) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getenabledcontrolcommandoutput.html)
+
 </details>
 <details>
 <summary>

package/dist-cjs/ControlTower.js

@@ -5,12 +5,14 @@ const smithy_client_1 = require("@smithy/smithy-client");
 const DisableControlCommand_1 = require("./commands/DisableControlCommand");
 const EnableControlCommand_1 = require("./commands/EnableControlCommand");
 const GetControlOperationCommand_1 = require("./commands/GetControlOperationCommand");
+const GetEnabledControlCommand_1 = require("./commands/GetEnabledControlCommand");
 const ListEnabledControlsCommand_1 = require("./commands/ListEnabledControlsCommand");
 const ControlTowerClient_1 = require("./ControlTowerClient");
 const commands = {
     DisableControlCommand: DisableControlCommand_1.DisableControlCommand,
     EnableControlCommand: EnableControlCommand_1.EnableControlCommand,
     GetControlOperationCommand: GetControlOperationCommand_1.GetControlOperationCommand,
+    GetEnabledControlCommand: GetEnabledControlCommand_1.GetEnabledControlCommand,
     ListEnabledControlsCommand: ListEnabledControlsCommand_1.ListEnabledControlsCommand,
 };
 class ControlTower extends ControlTowerClient_1.ControlTowerClient {

package/dist-cjs/commands/GetEnabledControlCommand.js

@@ -0,0 +1,51 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GetEnabledControlCommand = exports.$Command = void 0;
+const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
+const middleware_serde_1 = require("@smithy/middleware-serde");
+const smithy_client_1 = require("@smithy/smithy-client");
+Object.defineProperty(exports, "$Command", { enumerable: true, get: function () { return smithy_client_1.Command; } });
+const types_1 = require("@smithy/types");
+const Aws_restJson1_1 = require("../protocols/Aws_restJson1");
+class GetEnabledControlCommand extends smithy_client_1.Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, GetEnabledControlCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "ControlTowerClient";
+        const commandName = "GetEnabledControlCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: (_) => _,
+            [types_1.SMITHY_CONTEXT_KEY]: {
+                service: "AWSControlTowerApis",
+                operation: "GetEnabledControl",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return (0, Aws_restJson1_1.se_GetEnabledControlCommand)(input, context);
+    }
+    deserialize(output, context) {
+        return (0, Aws_restJson1_1.de_GetEnabledControlCommand)(output, context);
+    }
+}
+exports.GetEnabledControlCommand = GetEnabledControlCommand;

package/dist-cjs/commands/index.js

@@ -4,4 +4,5 @@ const tslib_1 = require("tslib");
 tslib_1.__exportStar(require("./DisableControlCommand"), exports);
 tslib_1.__exportStar(require("./EnableControlCommand"), exports);
 tslib_1.__exportStar(require("./GetControlOperationCommand"), exports);
+tslib_1.__exportStar(require("./GetEnabledControlCommand"), exports);
 tslib_1.__exportStar(require("./ListEnabledControlsCommand"), exports);

package/dist-cjs/models/models_0.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ControlOperationStatus = exports.ControlOperationType = exports.ValidationException = exports.ThrottlingException = exports.ServiceQuotaExceededException = exports.ResourceNotFoundException = exports.InternalServerException = exports.ConflictException = exports.AccessDeniedException = void 0;
+exports.EnablementStatus = exports.DriftStatus = exports.ControlOperationStatus = exports.ControlOperationType = exports.ValidationException = exports.ThrottlingException = exports.ServiceQuotaExceededException = exports.ResourceNotFoundException = exports.InternalServerException = exports.ConflictException = exports.AccessDeniedException = void 0;
 const ControlTowerServiceException_1 = require("./ControlTowerServiceException");
 class AccessDeniedException extends ControlTowerServiceException_1.ControlTowerServiceException {
     constructor(opts) {
@@ -109,3 +109,14 @@ exports.ControlOperationStatus = {
     IN_PROGRESS: "IN_PROGRESS",
     SUCCEEDED: "SUCCEEDED",
 };
+exports.DriftStatus = {
+    DRIFTED: "DRIFTED",
+    IN_SYNC: "IN_SYNC",
+    NOT_CHECKING: "NOT_CHECKING",
+    UNKNOWN: "UNKNOWN",
+};
+exports.EnablementStatus = {
+    FAILED: "FAILED",
+    SUCCEEDED: "SUCCEEDED",
+    UNDER_CHANGE: "UNDER_CHANGE",
+};

package/dist-cjs/protocols/Aws_restJson1.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.de_ListEnabledControlsCommand = exports.de_GetControlOperationCommand = exports.de_EnableControlCommand = exports.de_DisableControlCommand = exports.se_ListEnabledControlsCommand = exports.se_GetControlOperationCommand = exports.se_EnableControlCommand = exports.se_DisableControlCommand = void 0;
+exports.de_ListEnabledControlsCommand = exports.de_GetEnabledControlCommand = exports.de_GetControlOperationCommand = exports.de_EnableControlCommand = exports.de_DisableControlCommand = exports.se_ListEnabledControlsCommand = exports.se_GetEnabledControlCommand = exports.se_GetControlOperationCommand = exports.se_EnableControlCommand = exports.se_DisableControlCommand = void 0;
 const protocol_http_1 = require("@smithy/protocol-http");
 const smithy_client_1 = require("@smithy/smithy-client");
 const ControlTowerServiceException_1 = require("../models/ControlTowerServiceException");
@@ -70,6 +70,27 @@ const se_GetControlOperationCommand = async (input, context) => {
     });
 };
 exports.se_GetControlOperationCommand = se_GetControlOperationCommand;
+const se_GetEnabledControlCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/get-enabled-control";
+    let body;
+    body = JSON.stringify((0, smithy_client_1.take)(input, {
+        enabledControlIdentifier: [],
+    }));
+    return new protocol_http_1.HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
+exports.se_GetEnabledControlCommand = se_GetEnabledControlCommand;
 const se_ListEnabledControlsCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -243,6 +264,52 @@ const de_GetControlOperationCommandError = async (output, context) => {
             });
     }
 };
+const de_GetEnabledControlCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_GetEnabledControlCommandError(output, context);
+    }
+    const contents = (0, smithy_client_1.map)({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = (0, smithy_client_1.expectNonNull)((0, smithy_client_1.expectObject)(await parseBody(output.body, context)), "body");
+    const doc = (0, smithy_client_1.take)(data, {
+        enabledControlDetails: smithy_client_1._json,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+exports.de_GetEnabledControlCommand = de_GetEnabledControlCommand;
+const de_GetEnabledControlCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.controltower#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.controltower#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.controltower#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "ThrottlingException":
+        case "com.amazonaws.controltower#ThrottlingException":
+            throw await de_ThrottlingExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.controltower#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 const de_ListEnabledControlsCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_ListEnabledControlsCommandError(output, context);

package/dist-es/ControlTower.js

@@ -2,12 +2,14 @@ import { createAggregatedClient } from "@smithy/smithy-client";
 import { DisableControlCommand, } from "./commands/DisableControlCommand";
 import { EnableControlCommand, } from "./commands/EnableControlCommand";
 import { GetControlOperationCommand, } from "./commands/GetControlOperationCommand";
+import { GetEnabledControlCommand, } from "./commands/GetEnabledControlCommand";
 import { ListEnabledControlsCommand, } from "./commands/ListEnabledControlsCommand";
 import { ControlTowerClient } from "./ControlTowerClient";
 const commands = {
     DisableControlCommand,
     EnableControlCommand,
     GetControlOperationCommand,
+    GetEnabledControlCommand,
     ListEnabledControlsCommand,
 };
 export class ControlTower extends ControlTowerClient {

package/dist-es/commands/GetEnabledControlCommand.js

@@ -0,0 +1,47 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { de_GetEnabledControlCommand, se_GetEnabledControlCommand } from "../protocols/Aws_restJson1";
+export { $Command };
+export class GetEnabledControlCommand extends $Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use(getEndpointPlugin(configuration, GetEnabledControlCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "ControlTowerClient";
+        const commandName = "GetEnabledControlCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: (_) => _,
+            [SMITHY_CONTEXT_KEY]: {
+                service: "AWSControlTowerApis",
+                operation: "GetEnabledControl",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return se_GetEnabledControlCommand(input, context);
+    }
+    deserialize(output, context) {
+        return de_GetEnabledControlCommand(output, context);
+    }
+}

package/dist-es/commands/index.js

@@ -1,4 +1,5 @@
 export * from "./DisableControlCommand";
 export * from "./EnableControlCommand";
 export * from "./GetControlOperationCommand";
+export * from "./GetEnabledControlCommand";
 export * from "./ListEnabledControlsCommand";

package/dist-es/models/models_0.js

@@ -99,3 +99,14 @@ export const ControlOperationStatus = {
     IN_PROGRESS: "IN_PROGRESS",
     SUCCEEDED: "SUCCEEDED",
 };
+export const DriftStatus = {
+    DRIFTED: "DRIFTED",
+    IN_SYNC: "IN_SYNC",
+    NOT_CHECKING: "NOT_CHECKING",
+    UNKNOWN: "UNKNOWN",
+};
+export const EnablementStatus = {
+    FAILED: "FAILED",
+    SUCCEEDED: "SUCCEEDED",
+    UNDER_CHANGE: "UNDER_CHANGE",
+};

package/dist-es/protocols/Aws_restJson1.js

@@ -64,6 +64,26 @@ export const se_GetControlOperationCommand = async (input, context) => {
         body,
     });
 };
+export const se_GetEnabledControlCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/get-enabled-control";
+    let body;
+    body = JSON.stringify(take(input, {
+        enabledControlIdentifier: [],
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
 export const se_ListEnabledControlsCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -233,6 +253,51 @@ const de_GetControlOperationCommandError = async (output, context) => {
             });
     }
 };
+export const de_GetEnabledControlCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_GetEnabledControlCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
+    const doc = take(data, {
+        enabledControlDetails: _json,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+const de_GetEnabledControlCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.controltower#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.controltower#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.controltower#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "ThrottlingException":
+        case "com.amazonaws.controltower#ThrottlingException":
+            throw await de_ThrottlingExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.controltower#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_ListEnabledControlsCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_ListEnabledControlsCommandError(output, context);

package/dist-types/ControlTower.d.ts

@@ -2,6 +2,7 @@ import { HttpHandlerOptions as __HttpHandlerOptions } from "@smithy/types";
 import { DisableControlCommandInput, DisableControlCommandOutput } from "./commands/DisableControlCommand";
 import { EnableControlCommandInput, EnableControlCommandOutput } from "./commands/EnableControlCommand";
 import { GetControlOperationCommandInput, GetControlOperationCommandOutput } from "./commands/GetControlOperationCommand";
+import { GetEnabledControlCommandInput, GetEnabledControlCommandOutput } from "./commands/GetEnabledControlCommand";
 import { ListEnabledControlsCommandInput, ListEnabledControlsCommandOutput } from "./commands/ListEnabledControlsCommand";
 import { ControlTowerClient } from "./ControlTowerClient";
 export interface ControlTower {
@@ -23,6 +24,12 @@ export interface ControlTower {
     getControlOperation(args: GetControlOperationCommandInput, options?: __HttpHandlerOptions): Promise<GetControlOperationCommandOutput>;
     getControlOperation(args: GetControlOperationCommandInput, cb: (err: any, data?: GetControlOperationCommandOutput) => void): void;
     getControlOperation(args: GetControlOperationCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetControlOperationCommandOutput) => void): void;
+    /**
+     * @see {@link GetEnabledControlCommand}
+     */
+    getEnabledControl(args: GetEnabledControlCommandInput, options?: __HttpHandlerOptions): Promise<GetEnabledControlCommandOutput>;
+    getEnabledControl(args: GetEnabledControlCommandInput, cb: (err: any, data?: GetEnabledControlCommandOutput) => void): void;
+    getEnabledControl(args: GetEnabledControlCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetEnabledControlCommandOutput) => void): void;
     /**
      * @see {@link ListEnabledControlsCommand}
      */
@@ -32,22 +39,31 @@ export interface ControlTower {
 }
 /**
  * @public
- * <p>These interfaces allow you to apply the AWS library of pre-defined <i>controls</i> to your
- * organizational units, programmatically. In this context, controls are the same as AWS Control Tower guardrails.</p>
+ * <p>These interfaces allow you to apply the AWS library of pre-defined
+ *       <i>controls</i> to your organizational units, programmatically. In AWS Control Tower, the terms "control" and "guardrail" are synonyms.   .</p>
  *          <p>To call these APIs, you'll need to know:</p>
  *          <ul>
  *             <li>
- *                <p>the <code>ControlARN</code> for the control--that is, the
- *         guardrail--you are targeting,</p>
+ *                <p>the <code>controlIdentifier</code> for the control--or guardrail--you are targeting.</p>
  *             </li>
  *             <li>
- *                <p>and the ARN associated with the target organizational unit (OU).</p>
+ *                <p>the ARN associated with the target organizational unit (OU), which we call the <code>targetIdentifier</code>.</p>
  *             </li>
  *          </ul>
  *          <p>
- *             <b>To get the <code>ControlARN</code> for your AWS Control Tower guardrail:</b>
+ *             <b>To get the <code>controlIdentifier</code> for your AWS Control Tower
+ *         control:</b>
  *          </p>
- *          <p>The <code>ControlARN</code> contains the control name which is specified in each guardrail. For a list of control names for <i>Strongly recommended</i> and <i>Elective</i> guardrails, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/automating-tasks.html">Automating tasks section</a> of the AWS Control Tower User Guide. Remember that <i>Mandatory</i> guardrails cannot be added or removed.</p>
+ *          <p>The <code>controlIdentifier</code> is an ARN that is specified for each
+ *       control. You can view the <code>controlIdentifier</code> in the console on the <b>Control details</b> page, as well as in the documentation.</p>
+ *          <p>The <code>controlIdentifier</code> is unique in each AWS Region for each control. You can
+ *       find the <code>controlIdentifier</code> for each Region and control in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Tables of control metadata</a> in the <i>AWS Control Tower User Guide.</i>
+ *          </p>
+ *          <p>A quick-reference list of control identifers for the AWS Control Tower legacy <i>Strongly recommended</i> and
+ *         <i>Elective</i> controls is given in <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for
+ *         APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">Controls reference guide section</a>
+ *       of the <i>AWS Control Tower User Guide</i>. Remember that <i>Mandatory</i> controls
+ *       cannot be added or removed.</p>
  *          <note>
  *             <p>
  *                <b>ARN format:</b>
@@ -61,8 +77,9 @@ export interface ControlTower {
  *             </p>
  *          </note>
  *          <p>
- *             <b>To get the ARN for an OU:</b>
+ *             <b>To get the <code>targetIdentifier</code>:</b>
  *          </p>
+ *          <p>The <code>targetIdentifier</code> is the ARN for an OU.</p>
  *          <p>In the AWS Organizations console, you can find the ARN for the OU on the <b>Organizational unit details</b> page associated with that OU.</p>
  *          <note>
  *             <p>
@@ -78,17 +95,32 @@ export interface ControlTower {
  *          <ul>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of resource identifiers for APIs and guardrails</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-api-examples-short.html">Control API input and output examples with CLI</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with CloudFormation</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Control metadata tables</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of identifiers for legacy controls</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/guardrail-api-examples-short.html">Guardrail API examples (CLI)</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls.html">Controls reference guide</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with AWS CloudFormation</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls-reference.html">Controls library groupings</a>
  *                </p>
  *             </li>
  *             <li>
@@ -102,7 +134,14 @@ export interface ControlTower {
  *          <p>
  *             <b>Recording API Requests</b>
  *          </p>
- *          <p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the AWS Control Tower service received, who made the request and when, and so on. For more about AWS Control Tower and its support for CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User Guide.</p>
+ *          <p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your
+ *       AWS account and delivers log files to an Amazon S3 bucket. By using information collected by
+ *       CloudTrail, you can determine which requests the AWS Control Tower service received, who made
+ *       the request and when, and so on. For more about AWS Control Tower and its support for
+ *       CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower
+ *         Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about
+ *       CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User
+ *       Guide.</p>
  */
 export declare class ControlTower extends ControlTowerClient implements ControlTower {
 }