DeleteOrganizationConformancePack
Deletes the specified organization conformance pack and all of the Amazon Config rules and remediation actions from all member accounts in that organization.
Only a management account or a delegated administrator account can delete an organization conformance pack.
When calling this API with a delegated administrator, you must ensure Amazon Organizations
ListDelegatedAdministrator
permissions are added.
Amazon Config sets the state of a conformance pack to DELETE_IN_PROGRESS until the deletion is complete. You cannot update a conformance pack while it is in this state.
Request Syntax
{
"OrganizationConformancePackName": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- OrganizationConformancePackName
-
The name of organization conformance pack that you want to delete.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z][-a-zA-Z0-9]*
Required: Yes
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
For information about the errors that are common to all actions, see Common Errors.
- NoSuchOrganizationConformancePackException
-
Amazon Config organization conformance pack that you passed in the filter does not exist.
For DeleteOrganizationConformancePack, you tried to delete an organization conformance pack that does not exist.
HTTP Status Code: 400
- OrganizationAccessDeniedException
-
For
PutConfigurationAggregator
API, you can see this exception for the following reasons:-
No permission to call
EnableAWSServiceAccess
API -
The configuration aggregator cannot be updated because your Amazon Organization management account or the delegated administrator role changed. Delete this aggregator and create a new one with the current Amazon Organization.
-
The configuration aggregator is associated with a previous Amazon Organization and Amazon Config cannot aggregate data with current Amazon Organization. Delete this aggregator and create a new one with the current Amazon Organization.
-
You are not a registered delegated administrator for Amazon Config with permissions to call
ListDelegatedAdministrators
API. Ensure that the management account registers delagated administrator for Amazon Config service principal name before the delegated administrator creates an aggregator.
For all
OrganizationConfigRule
andOrganizationConformancePack
APIs, Amazon Config throws an exception if APIs are called from member accounts. All APIs must be called from organization management account.HTTP Status Code: 400
-
- ResourceInUseException
-
You see this exception in the following cases:
-
For DeleteConfigRule, Amazon Config is deleting this rule. Try your request again later.
-
For DeleteConfigRule, the rule is deleting your evaluation results. Try your request again later.
-
For DeleteConfigRule, a remediation action is associated with the rule and Amazon Config cannot delete this rule. Delete the remediation action associated with the rule before deleting the rule and try your request again later.
-
For PutConfigOrganizationRule, organization Amazon Config rule deletion is in progress. Try your request again later.
-
For DeleteOrganizationConfigRule, organization Amazon Config rule creation is in progress. Try your request again later.
-
For PutConformancePack and PutOrganizationConformancePack, a conformance pack creation, update, and deletion is in progress. Try your request again later.
-
For DeleteConformancePack, a conformance pack creation, update, and deletion is in progress. Try your request again later.
HTTP Status Code: 400
-
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: