GetResourceEvaluationSummary - AWS Config
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSee Also

GetResourceEvaluationSummary

Returns a summary of resource evaluation for the specified resource evaluation ID from the proactive rules that were run. The results indicate which evaluation context was used to evaluate the rules, which resource details were evaluated, the evaluation mode that was run, and whether the resource details comply with the configuration of the proactive rules.

Note

To see additional information about the evaluation result, such as which rule flagged a resource as NON_COMPLIANT, use the GetComplianceDetailsByResource API. For more information, see the Examples section.

Request Syntax

{
   "ResourceEvaluationId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ResourceEvaluationId

The unique ResourceEvaluationId of AWS resource execution for which you want to retrieve the evaluation summary.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

Response Syntax

{
   "Compliance": "string",
   "EvaluationContext": { 
      "EvaluationContextIdentifier": "string"
   },
   "EvaluationMode": "string",
   "EvaluationStartTimestamp": number,
   "EvaluationStatus": { 
      "FailureReason": "string",
      "Status": "string"
   },
   "ResourceDetails": { 
      "ResourceConfiguration": "string",
      "ResourceConfigurationSchemaType": "string",
      "ResourceId": "string",
      "ResourceType": "string"
   },
   "ResourceEvaluationId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Compliance

The compliance status of the resource evaluation summary.

Type: String

Valid Values: COMPLIANT | NON_COMPLIANT | NOT_APPLICABLE | INSUFFICIENT_DATA

EvaluationContext

Returns an EvaluationContext object.

Type: EvaluationContext object

EvaluationMode

Lists results of the mode that you requested to retrieve the resource evaluation summary. The valid values are Detective or Proactive.

Type: String

Valid Values: DETECTIVE | PROACTIVE

EvaluationStartTimestamp

The start timestamp when AWS Config rule starts evaluating compliance for the provided resource details.

Type: Timestamp

EvaluationStatus

Returns an EvaluationStatus object.

Type: EvaluationStatus object

ResourceDetails

Returns a ResourceDetails object.

Type: ResourceDetails object

ResourceEvaluationId

The unique ResourceEvaluationId of AWS resource execution for which you want to retrieve the evaluation summary.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Errors

For information about the errors that are common to all actions, see Common Errors.

ResourceNotFoundException

You have specified a resource that does not exist.

HTTP Status Code: 400

Examples

Example

To see additional information about the evaluation result, such as which rule flagged a resource as NON_COMPLIANT, use the GetComplianceDetailsByResource API. For example:

aws configservice get-compliance-details-by-resource --resource-evaluation-id MY-EVALUATION-ID
{
	"EvaluationResults": [
		{
			"EvaluationResultIdentifier": {
				"EvaluationResultQualifier": {
					"ConfigRuleName": "s3-bucket-logging-enabled",
					"ResourceType": "AWS::S3::Bucket",
					"ResourceId": "MY-RESOURCE-ID",
					"EvaluationMode": "PROACTIVE"
				},
				"OrderingTimestamp": "2022-12-23T14:35:40.036000-05:00",
				"ResourceEvaluationId": "MY-EVALUATION-ID"
			},
			"ComplianceType": "NON_COMPLIANT",
			"ResultRecordedTime": "2022-12-23T14:35:11.213000-05:00",
			"ConfigRuleInvokedTime": "2022-12-23T14:35:10.978000-05:00"
		}
	]
}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: