将 GetComplianceDetailsByConfigRule 与 CLI 配合使用
以下代码示例演示如何使用。GetComplianceDetailsByConfigRule
- CLI
-
- Amazon CLI
-
获取 Amazon Config 规则的评估结果
以下命令返回所有不符合名为
InstanceTypesAreT2micro的 Amazon Config 规则的资源的评估结果:aws configservice get-compliance-details-by-config-rule --config-rule-nameInstanceTypesAreT2micro--compliance-typesNON_COMPLIANT输出:
{ "EvaluationResults": [ { "EvaluationResultIdentifier": { "OrderingTimestamp": 1450314635.065, "EvaluationResultQualifier": { "ResourceType": "AWS::EC2::Instance", "ResourceId": "i-1a2b3c4d", "ConfigRuleName": "InstanceTypesAreT2micro" } }, "ResultRecordedTime": 1450314645.261, "ConfigRuleInvokedTime": 1450314642.948, "ComplianceType": "NON_COMPLIANT" }, { "EvaluationResultIdentifier": { "OrderingTimestamp": 1450314635.065, "EvaluationResultQualifier": { "ResourceType": "AWS::EC2::Instance", "ResourceId": "i-2a2b3c4d", "ConfigRuleName": "InstanceTypesAreT2micro" } }, "ResultRecordedTime": 1450314645.18, "ConfigRuleInvokedTime": 1450314642.902, "ComplianceType": "NON_COMPLIANT" }, { "EvaluationResultIdentifier": { "OrderingTimestamp": 1450314635.065, "EvaluationResultQualifier": { "ResourceType": "AWS::EC2::Instance", "ResourceId": "i-3a2b3c4d", "ConfigRuleName": "InstanceTypesAreT2micro" } }, "ResultRecordedTime": 1450314643.346, "ConfigRuleInvokedTime": 1450314643.124, "ComplianceType": "NON_COMPLIANT" } ] }-
有关 API 详细信息,请参阅《Amazon CLI 命令参考》中的 GetComplianceDetailsByConfigRule
。
-
- PowerShell
-
- Tools for PowerShell V4
-
示例 1:此示例获取规则 access-keys-rotated 的评估结果,并返回按合规性类型分组的输出
Get-CFGComplianceDetailsByConfigRule -ConfigRuleName access-keys-rotated | Group-Object ComplianceType输出:
Count Name Group ----- ---- ----- 2 COMPLIANT {Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationResult} 5 NON_COMPLIANT {Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationRes...示例 2:此示例查询合规资源的 access-keys-rotated 规则的合规详细信息。
Get-CFGComplianceDetailsByConfigRule -ConfigRuleName access-keys-rotated -ComplianceType COMPLIANT | ForEach-Object {$_.EvaluationResultIdentifier.EvaluationResultQualifier}输出:
ConfigRuleName ResourceId ResourceType -------------- ---------- ------------ access-keys-rotated BCAB1CDJ2LITAPVEW3JAH AWS::IAM::User access-keys-rotated BCAB1CDJ2LITL3EHREM4Q AWS::IAM::User-
有关 API 详细信息,请参阅《Amazon Tools for PowerShell Cmdlet Reference(V4)》中的 GetComplianceDetailsByConfigRule。
-
- Tools for PowerShell V5
-
示例 1:此示例获取规则 access-keys-rotated 的评估结果,并返回按合规性类型分组的输出
Get-CFGComplianceDetailsByConfigRule -ConfigRuleName access-keys-rotated | Group-Object ComplianceType输出:
Count Name Group ----- ---- ----- 2 COMPLIANT {Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationResult} 5 NON_COMPLIANT {Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationResult, Amazon.ConfigService.Model.EvaluationRes...示例 2:此示例查询合规资源的 access-keys-rotated 规则的合规详细信息。
Get-CFGComplianceDetailsByConfigRule -ConfigRuleName access-keys-rotated -ComplianceType COMPLIANT | ForEach-Object {$_.EvaluationResultIdentifier.EvaluationResultQualifier}输出:
ConfigRuleName ResourceId ResourceType -------------- ---------- ------------ access-keys-rotated BCAB1CDJ2LITAPVEW3JAH AWS::IAM::User access-keys-rotated BCAB1CDJ2LITL3EHREM4Q AWS::IAM::User-
有关 API 详细信息,请参阅《Amazon Tools for PowerShell Cmdlet Reference(V5)》中的 GetComplianceDetailsByConfigRule。
-
有关 Amazon SDK 开发人员指南和代码示例的完整列表,请参阅 将 Amazon Config 与 Amazon 开发工具包配合使用 本主题还包括有关入门的信息以及有关先前的 SDK 版本的详细信息。
DescribeDeliveryChannels
GetComplianceDetailsByResource