describeComplianceByConfigRule method

Future<DescribeComplianceByConfigRuleResponse> describeComplianceByConfigRule({
  1. List<ComplianceType>? complianceTypes,
  2. List<String>? configRuleNames,
  3. String? nextToken,
})

Indicates whether the specified AWS Config rules are compliant. If a rule is noncompliant, this action returns the number of AWS resources that do not comply with the rule.

A rule is compliant if all of the evaluated resources comply with it. It is noncompliant if any of these resources do not comply.

If AWS Config has no current evaluation results for the rule, it returns INSUFFICIENT_DATA. This result might indicate one of the following conditions:

  • AWS Config has never invoked an evaluation for the rule. To check whether it has, use the DescribeConfigRuleEvaluationStatus action to get the LastSuccessfulInvocationTime and LastFailedInvocationTime.
  • The rule's AWS Lambda function is failing to send evaluation results to AWS Config. Verify that the role you assigned to your configuration recorder includes the config:PutEvaluations permission. If the rule is a custom rule, verify that the AWS Lambda execution role includes the config:PutEvaluations permission.
  • The rule's AWS Lambda function has returned NOT_APPLICABLE for all evaluation results. This can occur if the resources were deleted or removed from the rule's scope.

May throw InvalidParameterValueException. May throw NoSuchConfigRuleException. May throw InvalidNextTokenException.

Parameter complianceTypes : Filters the results by compliance.

The allowed values are COMPLIANT and NON_COMPLIANT.

Parameter configRuleNames : Specify one or more AWS Config rule names to filter the results by rule.

Parameter nextToken : The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.

Implementation

Future<DescribeComplianceByConfigRuleResponse>
    describeComplianceByConfigRule({
  List<ComplianceType>? complianceTypes,
  List<String>? configRuleNames,
  String? nextToken,
}) async {
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'StarlingDoveService.DescribeComplianceByConfigRule'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      if (complianceTypes != null)
        'ComplianceTypes': complianceTypes.map((e) => e.toValue()).toList(),
      if (configRuleNames != null) 'ConfigRuleNames': configRuleNames,
      if (nextToken != null) 'NextToken': nextToken,
    },
  );

  return DescribeComplianceByConfigRuleResponse.fromJson(jsonResponse.body);
}