Discovering resources - Cloud Control API

Discovering resources

Use the list-resources command to discover the resources currently provisioned in your AWS account and AWS Region. This includes all resources of the specified resource type, regardless of whether they were provisioned through Cloud Control API, directly through the underlying service, or other mechanism (such as being part of an AWS CloudFormation stack).

The information returned for each resource includes:

  • The resource's primary identifier.

  • Optionally, it may include the part or all resource's properties, detailing the current state of the resource. For more information, see Viewing resource type schemas.

The following example returns a list of AWS::Logs::LogGroup resources.

aws cloudcontrol list-resources --type-name AWS::Logs::LogGroup

Cloud Control API returns a list of the resources in your account of the specified resource type. For the example above, list-resources returns the primary identifier and resource properties of all AWS::Logs::LogGroup resources in your account, regardless of whether they were provisioned by Cloud Control API. The returned information resembles the following, depending on the resources in your account.

{ "TypeName": "AWS::Logs::LogGroup", "ResourceDescriptions": [ { "Identifier": "CloudControlExample", "Properties": "{"RetentionInDays":180, "LogGroupName": "CloudControlExample", "Arn": "arn:aws:logs:us-west-2:090123456789:log-group:CloudControlExample:*"}" }, { "Identifier": "AnotherLogGroupResourceExample", "Properties": "{"RetentionInDays":90, "LogGroupName": "AnotherLogGroupResourceExample", "Arn": "arn:aws:logs:us-west-2:011111111111:log-group:AnotherLogGroupResourceExample:*"}" }, ] }

The following example requests a list of AWS::Kinesis::Stream resources.

aws cloudcontrol list-resources --type-name AWS::Kinesis::Stream

For Kinesis streams, Cloud Control API returns the primary identifier of each stream, along with a subset of the resource properties. In this case, just a single property, Name. You could then use a stream's primary identifier with get-resource to request the resource's full current state.

{ "TypeName": "AWS::Kinesis::Stream", "ResourceDescriptions": [ { "Identifier": "MyKinesisStream", "Properties": "{"Name": "MyKinesisStream"}" }, { "Identifier": "AnotherStream", "Properties": "{"Name": "AnotherStream"}" } ] }

Resources that require additional information

Certain resources require that you provide additional information about the resources that you want to list as part of your request. In these cases, you must use the ResourceModel parameter to specify these properties.

The table below lists these resources, and the properties you are required to specify in the ResourceModel parameter during list requests.

Resources Required properties

AWS::ApiGateway::DocumentationVersion

RestApiId

AWS::ApiGateway::Stage

RestApiId

AWS::CloudFormation::ResourceVersion

TypeArn or TypeName

AWS::CustomerProfiles::Integration

DomainName

AWS::CustomerProfiles::ObjectType

DomainName

AWS::EC2::TransitGatewayMulticastGroupMember

TransitGatewayMulticastDomainId

AWS::EC2::TransitGatewayMulticastGroupSource

TransitGatewayMulticastDomainId

AWS::ECS::TaskSet

Cluster, Service, and ID

AWS::EKS::AddOn

ClusterName

AWS::EKS::FargateProfile

ClusterName

AWS::ElasticLoadBalancingV2::Listener

LoadBalancerArn

AWS::ElasticLoadBalancingV2::ListenerRule

ListenerArn

AWS::Glue::SchemaVersion

  • SchemaDefinition, Schema/RegistryName, and Schema/SchemaName

  • SchemaDefinition and Schema/SchemaArn

AWS::Glue::SchemaVersionMetadata

SchemaVersionId

AWS::IoTSiteWise::AccessPolicy

  • /AccessPolicyResource/Portal

  • /AccessPolicyResource/Project

AWS::IoTSiteWise::Dashboard

ProjectId

AWS::IoTSiteWise::Project

PortalId

AWS::Kendra::DataSource

IndexId

AWS::Kendra::Faq

IndexId

AWS::MediaConnect::FlowEntitlement

FlowArn

AWS::MediaConnect::FlowOutput

FlowArn

AWS::MediaConnect::FlowSource

FlowArn

AWS::MediaConnect::FlowVpcInterface

FlowArn

AWS::MediaPackage::Asset

PackagingGroupId

AWS::MediaPackage::PackagingConfiguration

PackagingGroupId

AWS::NetworkFirewall::LoggingConfiguration

  • FirewallArn

  • FirewallName

AWS::QuickSight::Analysis

AwsAccountId

AWS::QuickSight::Dashboard

AwsAccountId

AWS::QuickSight::DataSet

AwsAccountId

AWS::QuickSight::DataSource

AwsAccountId

AWS::QuickSight::Template

AwsAccountId

AWS::QuickSight::Theme

AwsAccountId

AWS::RDS::DBProxyTargetGroup

DBProxyName

AWS::S3Outposts::AccessPoint

Bucket

AWS::S3Outposts::Bucket

OutpostId

AWS::SSO::Assignment

InstanceArn, PermissionSetArn, PrincipalId, PrincipalType, TargetId, and TargetType

AWS::SSO::InstanceAccessControlAttributeConfiguration

InstanceArn

AWS::SSO::PermissionSet

InstanceArn and PermissionSetArn