| Copyright | (c) 2013-2015 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
| Language | Haskell2010 |
Network.AWS.Config.DescribeComplianceByConfigRule
Description
Indicates whether the specified AWS Config rules are compliant. If a rule is noncompliant, this action returns the number of AWS resources that do not comply with the rule.
A rule is compliant if all of the evaluated resources comply with it, and it is noncompliant if any of these resources do not comply.
If AWS Config has no current evaluation results for the rule, it returns
InsufficientData. This result might indicate one of the following
conditions:
- AWS Config has never invoked an evaluation for the rule. To check
whether it has, use the
DescribeConfigRuleEvaluationStatusaction to get theLastSuccessfulInvocationTimeandLastFailedInvocationTime. - The rule's AWS Lambda function is failing to send evaluation results to AWS Config. Verify that the role that you assigned to your configuration recorder includes the 'config:PutEvaluations' permission. If the rule is a customer managed rule, verify that the AWS Lambda execution role includes the 'config:PutEvaluations' permission.
- The rule's AWS Lambda function has returned
NOT_APPLICABLEfor all evaluation results. This can occur if the resources were deleted or removed from the rule's scope.
See: AWS API Reference for DescribeComplianceByConfigRule.
- describeComplianceByConfigRule :: DescribeComplianceByConfigRule
- data DescribeComplianceByConfigRule
- dcbcrConfigRuleNames :: Lens' DescribeComplianceByConfigRule [Text]
- dcbcrComplianceTypes :: Lens' DescribeComplianceByConfigRule [ComplianceType]
- dcbcrNextToken :: Lens' DescribeComplianceByConfigRule (Maybe Text)
- describeComplianceByConfigRuleResponse :: Int -> DescribeComplianceByConfigRuleResponse
- data DescribeComplianceByConfigRuleResponse
- dcbcrrsComplianceByConfigRules :: Lens' DescribeComplianceByConfigRuleResponse [ComplianceByConfigRule]
- dcbcrrsNextToken :: Lens' DescribeComplianceByConfigRuleResponse (Maybe Text)
- dcbcrrsResponseStatus :: Lens' DescribeComplianceByConfigRuleResponse Int
Creating a Request
describeComplianceByConfigRule :: DescribeComplianceByConfigRule Source
Creates a value of DescribeComplianceByConfigRule with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
data DescribeComplianceByConfigRule Source
See: describeComplianceByConfigRule smart constructor.
Instances
Request Lenses
dcbcrConfigRuleNames :: Lens' DescribeComplianceByConfigRule [Text] Source
Specify one or more AWS Config rule names to filter the results by rule.
dcbcrComplianceTypes :: Lens' DescribeComplianceByConfigRule [ComplianceType] Source
Filters the results by compliance. The valid values are Compliant and
NonCompliant.
dcbcrNextToken :: Lens' DescribeComplianceByConfigRule (Maybe Text) Source
The nextToken string returned on a previous page that you use to get
the next page of results in a paginated response.
Destructuring the Response
describeComplianceByConfigRuleResponse Source
Creates a value of DescribeComplianceByConfigRuleResponse with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
data DescribeComplianceByConfigRuleResponse Source
See: describeComplianceByConfigRuleResponse smart constructor.
Instances
Response Lenses
dcbcrrsComplianceByConfigRules :: Lens' DescribeComplianceByConfigRuleResponse [ComplianceByConfigRule] Source
Indicates whether each of the specified AWS Config rules is compliant.
dcbcrrsNextToken :: Lens' DescribeComplianceByConfigRuleResponse (Maybe Text) Source
The string that you use in a subsequent request to get the next page of results in a paginated response.
dcbcrrsResponseStatus :: Lens' DescribeComplianceByConfigRuleResponse Int Source
The response status code.