Queries the details of a compliance pack in a specified account group.
Operation description
This topic provides an example of how to retrieve the details of the compliance pack cp-fdc8626622af00f9**** in the account group ca-f632626622af0079****.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
config:GetAggregateCompliancePack |
get |
*AggregateCompliancePack
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| CompliancePackId |
string |
Yes |
The ID of the compliance pack. For more information about how to obtain the ID of a compliance pack, see ListAggregateCompliancePacks. |
cp-fdc8626622af00f9**** |
| AggregatorId |
string |
Yes |
The ID of the account group. For more information about how to obtain the ID of an account group, see ListAggregators. |
ca-f632626622af0079**** |
Tag
deprecated
|
array<object> |
No |
The tags of the resource. This parameter is deprecated and no longer takes effect. You can attach up to 20 tags to a resource. |
|
|
object |
No |
The tags of the resource. You can attach up to 20 tags to a resource. |
||
| Key |
string |
No |
The tag key of the resource. You can attach up to 20 tag keys. |
key-1 |
| Value |
string |
No |
The tag value of the resource. You can attach up to 20 tag values. |
value-1 |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
None |
||
| RequestId |
string |
The ID of the request. |
6EC7AED1-172F-42AE-9C12-295BC2ADB751 |
| CompliancePack |
object |
The details of the compliance pack. |
|
| Status |
string |
The status of the compliance pack. Valid values:
|
ACTIVE |
| RiskLevel |
integer |
The risk level of the compliance pack. Valid values:
|
1 |
| CompliancePackId |
string |
The ID of the compliance pack. |
cp-fdc8626622af00f9**** |
| Description |
string |
The description of the compliance pack. |
基于等保2.0三级标准,提供持续检测合规性的建议模板,帮助您提前自检并修复问题,以便快速通过正式检测。 |
| ConfigRules |
array<object> |
The list of rules in the compliance pack. |
|
|
object |
None |
||
| ManagedRuleIdentifier |
string |
The identifier of the rule. |
eip-bandwidth-limit |
| ConfigRuleName |
string |
The name of the rule. |
弹性IP实例带宽满足最低要求 |
| ConfigRuleId |
string |
The ID of the rule. |
cr-a260626622af0005**** |
| ConfigRuleParameters |
array<object> |
The input parameters of the rule. |
|
|
object |
None |
||
| Required |
boolean |
Indicates whether the input parameter is required. Valid values:
|
true |
| ParameterName |
string |
The name of the input parameter. |
bandwidth |
| ParameterValue |
string |
The value of the input parameter. |
10 |
| Description |
string |
The description of the rule. |
弹性IP实例可用带宽大于等于指定参数值,视为“合规”。默认值:10 MB。 |
| RiskLevel |
integer |
The risk level of the rule. Valid values:
|
1 |
| ResourceTypesScope |
string |
The types of the resources that are evaluated by the rule. Separate multiple resource types with commas (,). |
ACS::EIP::EipAddress |
| TemplateContent |
string |
The information about the compliance pack template. The list of rules in the template does not include user-defined function rules. You can use the template to quickly create the same compliance pack for other accounts or account groups. |
{ "configRuleTemplates": [ { "configRuleName": "自定义条件规则示例", "scope": { "complianceResourceTypes": [ "ACS::ECS::Instance" ] }, "description": "", "source": { "owner": "CUSTOM_CONFIGURATION", "identifier": "acs-config-configuration", "sourceDetails": [ { "messageType": "ScheduledNotification", "maximumExecutionFrequency": "Twelve_Hours" }, { "messageType": "ConfigurationItemChangeNotification" } ], "conditions": "{\"ComplianceConditions\":\"{\\\"operator\\\":\\\"and\\\",\\\"children\\\":[{\\\"operator\\\":\\\"GreaterOrEquals\\\",\\\"featurePath\\\":\\\"$.Cpu\\\",\\\"featureSource\\\":\\\"CONFIGURATION\\\",\\\"desired\\\":\\\"2\\\"}]}\"}" }, "inputParameters": {} }, { "configRuleName": "OSS存储空间Referer在指定的防盗链白名单中", "scope": { "complianceResourceTypes": [ "ACS::OSS::Bucket" ] }, "description": "OSS存储空间开启防盗链并且Referer在指定白名单中,视为“合规”。", "source": { "owner": "ALIYUN", "identifier": "oss-bucket-referer-limit", "sourceDetails": [ { "messageType": "ConfigurationItemChangeNotification" } ] }, "inputParameters": { "allowEmptyReferer": "true", "allowReferers": "http://www.aliyun.com" } } ] } |
| CompliancePackName |
string |
The name of the compliance pack. |
等保三级预检合规包 |
| AccountId |
integer |
The ID of the management account to which the compliance pack belongs. |
100931896542**** |
| AggregatorId |
string |
The ID of the account group. |
ca-f632626622af0079**** |
| CompliancePackTemplateId |
string |
The ID of the compliance pack template. |
ct-5f26ff4e06a300c4**** |
| CreateTimestamp |
integer |
The timestamp when the compliance pack was created. Unit: milliseconds. |
1624243657000 |
| Scope |
object |
The evaluation scope of the compliance pack. |
|
| ExcludeRegionIdsScope |
string |
The IDs of the regions to exclude. Separate multiple region IDs with commas (,). |
cn-hangzhou |
| ResourceIdsScope |
string |
The IDs of the resources to which the rule applies. Separate multiple resource IDs with commas (,). |
eip-8vbf3x310fn56ijfd**** |
| ExcludeResourceGroupIdsScope |
string |
The IDs of the resource groups to exclude. The compliance pack does not apply to resources in these groups. Separate multiple resource group IDs with commas (,). |
rg-aekzc7r7rhx**** |
| TagKeyScope |
string |
The tag key of the resources to which the compliance pack applies. |
ECS |
| TagValueScope |
string |
The tag value of the resources to which the compliance pack applies. |
test |
| RegionIdsScope |
string |
The IDs of the regions where the compliance pack applies. Separate multiple region IDs with commas (,). |
cn-hangzhou |
| ExcludeResourceIdsScope |
string |
The IDs of the resources to exclude. The compliance pack does not apply to these resources. Separate multiple resource IDs with commas (,). |
eip-8vbf3x310fn56ijfd**** |
| ResourceGroupIdsScope |
string |
The IDs of the resource groups where the compliance pack applies. Separate multiple resource group IDs with commas (,). |
rg-aekzc7r7rhx**** |
| TagsScope |
array<object> |
The tag scope. |
|
|
object |
|||
| TagKey |
string |
The tag key. |
key-1 |
| TagValue |
string |
The tag value. |
value-1 |
| ExcludeTagsScope |
array<object> |
The excluded tag scope. |
|
|
object |
The excluded tag scope. |
||
| TagKey |
string |
The tag key. |
key-2 |
| TagValue |
string |
The tag value. |
value-2 |
| Tags |
array<object> |
The tags of the resource. |
|
|
object |
The tags of the resource. |
||
| TagKey |
string |
The tag key. |
key-1 |
| TagValue |
string |
The tag value. |
value-1 |
Examples
Success response
JSON format
{
"RequestId": "6EC7AED1-172F-42AE-9C12-295BC2ADB751",
"CompliancePack": {
"Status": "ACTIVE",
"RiskLevel": 1,
"CompliancePackId": "cp-fdc8626622af00f9****",
"Description": "基于等保2.0三级标准,提供持续检测合规性的建议模板,帮助您提前自检并修复问题,以便快速通过正式检测。",
"ConfigRules": [
{
"ManagedRuleIdentifier": "eip-bandwidth-limit",
"ConfigRuleName": "弹性IP实例带宽满足最低要求",
"ConfigRuleId": "cr-a260626622af0005****",
"ConfigRuleParameters": [
{
"Required": true,
"ParameterName": "bandwidth",
"ParameterValue": "10"
}
],
"Description": "弹性IP实例可用带宽大于等于指定参数值,视为“合规”。默认值:10 MB。",
"RiskLevel": 1,
"ResourceTypesScope": "ACS::EIP::EipAddress"
}
],
"TemplateContent": "{\n \"configRuleTemplates\": [\n {\n \"configRuleName\": \"自定义条件规则示例\",\n \"scope\": {\n \"complianceResourceTypes\": [\n \"ACS::ECS::Instance\"\n ]\n },\n \"description\": \"\",\n \"source\": {\n \"owner\": \"CUSTOM_CONFIGURATION\",\n \"identifier\": \"acs-config-configuration\",\n \"sourceDetails\": [\n {\n \"messageType\": \"ScheduledNotification\",\n \"maximumExecutionFrequency\": \"Twelve_Hours\"\n },\n {\n \"messageType\": \"ConfigurationItemChangeNotification\"\n }\n ],\n \"conditions\": \"{\\\"ComplianceConditions\\\":\\\"{\\\\\\\"operator\\\\\\\":\\\\\\\"and\\\\\\\",\\\\\\\"children\\\\\\\":[{\\\\\\\"operator\\\\\\\":\\\\\\\"GreaterOrEquals\\\\\\\",\\\\\\\"featurePath\\\\\\\":\\\\\\\"$.Cpu\\\\\\\",\\\\\\\"featureSource\\\\\\\":\\\\\\\"CONFIGURATION\\\\\\\",\\\\\\\"desired\\\\\\\":\\\\\\\"2\\\\\\\"}]}\\\"}\"\n },\n \"inputParameters\": {}\n },\n {\n \"configRuleName\": \"OSS存储空间Referer在指定的防盗链白名单中\",\n \"scope\": {\n \"complianceResourceTypes\": [\n \"ACS::OSS::Bucket\"\n ]\n },\n \"description\": \"OSS存储空间开启防盗链并且Referer在指定白名单中,视为“合规”。\",\n \"source\": {\n \"owner\": \"ALIYUN\",\n \"identifier\": \"oss-bucket-referer-limit\",\n \"sourceDetails\": [\n {\n \"messageType\": \"ConfigurationItemChangeNotification\"\n }\n ]\n },\n \"inputParameters\": {\n \"allowEmptyReferer\": \"true\",\n \"allowReferers\": \"http://www.aliyun.com\"\n }\n }\n ]\n}",
"CompliancePackName": "等保三级预检合规包",
"AccountId": 0,
"AggregatorId": "ca-f632626622af0079****",
"CompliancePackTemplateId": "ct-5f26ff4e06a300c4****",
"CreateTimestamp": 1624243657000,
"Scope": {
"ExcludeRegionIdsScope": "cn-hangzhou",
"ResourceIdsScope": "eip-8vbf3x310fn56ijfd****\n",
"ExcludeResourceGroupIdsScope": "rg-aekzc7r7rhx****",
"TagKeyScope": "ECS",
"TagValueScope": "test",
"RegionIdsScope": "cn-hangzhou",
"ExcludeResourceIdsScope": "eip-8vbf3x310fn56ijfd****",
"ResourceGroupIdsScope": "rg-aekzc7r7rhx****",
"TagsScope": [
{
"TagKey": "key-1",
"TagValue": "value-1"
}
],
"ExcludeTagsScope": [
{
"TagKey": "key-2",
"TagValue": "value-2"
}
]
},
"Tags": [
{
"TagKey": "key-1",
"TagValue": "value-1"
}
]
}
}Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | Invalid.AggregatorId.Value | The specified AggregatorId is invalid. | The specified aggregator ID does not exist or you are not authorized to use the aggregator. |
| 400 | Invalid.CompliancePackId.Value | The specified CompliancePackId does not exist. | The specified compliance pack ID does not exist. |
| 404 | AccountNotExisted | Your account does not exist. | |
| 503 | ServiceUnavailable | The request has failed due to a temporary failure of the server. | The request has failed due to a temporary failure of the server. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.