Queries the compliance evaluation results based on a rule in an account group.

The sample request in this topic shows you how to query the compliance evaluation results based on the cr-d369626622af008e**** rule in the ca-a4e5626622af0079**** account group. The return result shows that a total of 10 resources are evaluated by the rule and five of them are evaluated as compliant.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes GetAggregateResourceComplianceByConfigRule

The operation that you want to perform. Set the value to GetAggregateResourceComplianceByConfigRule.

ComplianceType String No COMPLIANT

The compliance evaluation results to be returned. Valid values:

  • COMPLIANT: The relevant resources are evaluated as compliant.
  • NON_COMPLIANT: The relevant resources are evaluated as non-compliant.
  • NOT_APPLICABLE: The rule does not apply to your resources.
  • INSUFFICIENT_DATA: No resource data is available.
ConfigRuleId String Yes cr-d369626622af008e****

The ID of the rule.

For more information about how to obtain the ID of a rule, see ListAggregateConfigRules.

AggregatorId String Yes ca-a4e5626622af0079****

The ID of the account group.

For more information about how to obtain the ID of an account group, see ListAggregators.

For information about common request parameters, see Common parameters.

Response parameters

Parameter Type Example Description
ComplianceResult Object

The compliance evaluation results returned.

TotalCount Long 10

The total number of evaluated resources.

Compliances Array of Compliances

The information about the compliance evaluation.

ComplianceType String COMPLIANT

The compliance evaluation result. Valid values:

  • COMPLIANT: The relevant resources are evaluated as compliant.
  • NON_COMPLIANT: The relevant resources are evaluated as non-compliant.
  • NOT_APPLICABLE: The rule does not apply to your resources.
  • INSUFFICIENT_DATA: No resource data is available.
Count Integer 5

The number of resources that have the compliance evaluation result. For example, if the value of the ComplianceType parameter is COMPLIANT, this parameter value indicates the number of compliant resources.

RequestId String 23306AB1-34E0-468F-BD7B-68D8AEAB754C

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=GetAggregateResourceComplianceByConfigRule
&ConfigRuleId=cr-d369626622af008e****
&AggregatorId=ca-a4e5626622af0079****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<GetAggregateResourceComplianceByConfigRuleResponse>
    <ComplianceResult>
        <TotalCount>10</TotalCount>
        <Compliances>
            <ComplianceType>COMPLIANT</ComplianceType>
            <Count>5</Count>
        </Compliances>
    </ComplianceResult>
    <RequestId>23306AB1-34E0-468F-BD7B-68D8AEAB754C</RequestId>
</GetAggregateResourceComplianceByConfigRuleResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "ComplianceResult" : {
    "TotalCount" : 10,
    "Compliances" : [ {
      "ComplianceType" : "COMPLIANT",
      "Count" : 5
    } ]
  },
  "RequestId" : "23306AB1-34E0-468F-BD7B-68D8AEAB754C"
}

Error codes

HTTP status code Error code Error message Description
400 Invalid.AggregatorId.Value The specified AggregatorId is invalid. The error message returned because the specified account group ID does not exist or you are not authorized to use the account group.
404 AccountNotExisted Your account does not exist. The error message returned because your account does not exist.
503 ServiceUnavailable The request has failed due to a temporary failure of the server. The error message returned because the service is unavailable.

For a list of error codes, visit the API Error Center.