GetOrganizationCustomRulePolicy - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

GetOrganizationCustomRulePolicy

Returns the policy definition containing the logic for your organization Amazon Config Custom Policy rule.

Request Syntax

{ "OrganizationConfigRuleName": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

OrganizationConfigRuleName

The name of your organization Amazon Config Custom Policy rule.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: .*\S.*

Required: Yes

Response Syntax

{ "PolicyText": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

PolicyText

The policy definition containing the logic for your organization Amazon Config Custom Policy rule.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 10000.

Errors

For information about the errors that are common to all actions, see Common Errors.

NoSuchOrganizationConfigRuleException

The Amazon Config rule in the request is not valid. Verify that the rule is an organization Amazon Config Custom Policy rule, that the rule name is correct, and that valid Amazon Resouce Names (ARNs) are used before trying again.

HTTP Status Code: 400

OrganizationAccessDeniedException

For PutConfigurationAggregator API, you can see this exception for the following reasons:

  • No permission to call EnableAWSServiceAccess API

  • The configuration aggregator cannot be updated because your Amazon Organization management account or the delegated administrator role changed. Delete this aggregator and create a new one with the current Amazon Organization.

  • The configuration aggregator is associated with a previous Amazon Organization and Amazon Config cannot aggregate data with current Amazon Organization. Delete this aggregator and create a new one with the current Amazon Organization.

  • You are not a registered delegated administrator for Amazon Config with permissions to call ListDelegatedAdministrators API. Ensure that the management account registers delagated administrator for Amazon Config service principle name before the delegated administrator creates an aggregator.

For all OrganizationConfigRule and OrganizationConformancePack APIs, Amazon Config throws an exception if APIs are called from member accounts. All APIs must be called from organization management account.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: