awscc.iot_accountauditconfiguration

Filters

  • event

  • reduce

  • value

Actions

delete

Parent base class for filters and actions.

properties:
  type:
    enum:
    - delete
required:
- type

Permissions - iot:DescribeAccountAuditConfiguration, iot:DeleteAccountAuditConfiguration

update

Parent base class for filters and actions.

definitions:
  AuditCheckConfiguration:
    additionalProperties: false
    description: The configuration for a specific audit check.
    properties:
      Enabled:
        description: True if the check is enabled.
        type: boolean
    type: object
  AuditCheckConfigurations:
    additionalProperties: false
    description: Specifies which audit checks are enabled and disabled for this account.
    properties:
      AuthenticatedCognitoRoleOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      CaCertificateExpiringCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      CaCertificateKeyQualityCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      ConflictingClientIdsCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateExpiringCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateKeyQualityCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateSharedCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotPolicyOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotRoleAliasAllowsAccessToUnusedServicesCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotRoleAliasOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      LoggingDisabledCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      RevokedCaCertificateStillActiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      RevokedDeviceCertificateStillActiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      UnauthenticatedCognitoRoleOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
    type: object
  AuditNotificationTarget:
    additionalProperties: false
    properties:
      Enabled:
        description: True if notifications to the target are enabled.
        type: boolean
      RoleArn:
        description: The ARN of the role that grants permission to send notifications
          to the target.
        maxLength: 2048
        minLength: 20
        type: string
      TargetArn:
        description: The ARN of the target (SNS topic) to which audit notifications
          are sent.
        maxLength: 2048
        type: string
    type: object
  AuditNotificationTargetConfigurations:
    additionalProperties: false
    description: Information about the targets to which audit notifications are sent.
    properties:
      Sns:
        additionalProperties: false
        properties:
          Enabled:
            description: True if notifications to the target are enabled.
            type: boolean
          RoleArn:
            description: The ARN of the role that grants permission to send notifications
              to the target.
            maxLength: 2048
            minLength: 20
            type: string
          TargetArn:
            description: The ARN of the target (SNS topic) to which audit notifications
              are sent.
            maxLength: 2048
            type: string
        type: object
    type: object
properties:
  AuditCheckConfigurations:
    additionalProperties: false
    description: Specifies which audit checks are enabled and disabled for this account.
    properties:
      AuthenticatedCognitoRoleOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      CaCertificateExpiringCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      CaCertificateKeyQualityCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      ConflictingClientIdsCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateExpiringCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateKeyQualityCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      DeviceCertificateSharedCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotPolicyOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotRoleAliasAllowsAccessToUnusedServicesCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      IotRoleAliasOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      LoggingDisabledCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      RevokedCaCertificateStillActiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      RevokedDeviceCertificateStillActiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
      UnauthenticatedCognitoRoleOverlyPermissiveCheck:
        additionalProperties: false
        description: The configuration for a specific audit check.
        properties:
          Enabled:
            description: True if the check is enabled.
            type: boolean
        type: object
    type: object
  AuditNotificationTargetConfigurations:
    additionalProperties: false
    description: Information about the targets to which audit notifications are sent.
    properties:
      Sns:
        additionalProperties: false
        properties:
          Enabled:
            description: True if notifications to the target are enabled.
            type: boolean
          RoleArn:
            description: The ARN of the role that grants permission to send notifications
              to the target.
            maxLength: 2048
            minLength: 20
            type: string
          TargetArn:
            description: The ARN of the target (SNS topic) to which audit notifications
              are sent.
            maxLength: 2048
            type: string
        type: object
    type: object
  RoleArn:
    description: The ARN of the role that grants permission to AWS IoT to access information
      about your devices, policies, certificates and other items as required when
      performing an audit.
    maxLength: 2048
    minLength: 20
    type: string
  type:
    enum:
    - update

Permissions - iot:UpdateAccountAuditConfiguration, iot:DescribeAccountAuditConfiguration, iam:PassRole