AWS Config
API Reference (API Version 2014-11-12)


Adds or updates the remediation configuration with a specific AWS Config rule with the selected target or action. The API creates the RemediationConfiguration object for the AWS Config rule. The AWS Config rule must already exist for you to add a remediation configuration. The target (SSM document) must exist and have permissions to use the target.

Request Syntax

{ "RemediationConfigurations": [ { "Arn": "string", "Automatic": boolean, "ConfigRuleName": "string", "CreatedByService": "string", "ExecutionControls": { "SsmControls": { "ConcurrentExecutionRatePercentage": number, "ErrorPercentage": number } }, "MaximumAutomaticAttempts": number, "Parameters": { "string" : { "ResourceValue": { "Value": "string" }, "StaticValue": { "Values": [ "string" ] } } }, "ResourceType": "string", "RetryAttemptSeconds": number, "TargetId": "string", "TargetType": "string", "TargetVersion": "string" } ] }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


A list of remediation configuration objects.

Type: Array of RemediationConfiguration objects

Array Members: Minimum number of 0 items. Maximum number of 25 items.

Required: Yes

Response Syntax

{ "FailedBatches": [ { "FailedItems": [ { "Arn": "string", "Automatic": boolean, "ConfigRuleName": "string", "CreatedByService": "string", "ExecutionControls": { "SsmControls": { "ConcurrentExecutionRatePercentage": number, "ErrorPercentage": number } }, "MaximumAutomaticAttempts": number, "Parameters": { "string" : { "ResourceValue": { "Value": "string" }, "StaticValue": { "Values": [ "string" ] } } }, "ResourceType": "string", "RetryAttemptSeconds": number, "TargetId": "string", "TargetType": "string", "TargetVersion": "string" } ], "FailureMessage": "string" } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


Returns a list of failed remediation batch objects.

Type: Array of FailedRemediationBatch objects


For information about the errors that are common to all actions, see Common Errors.


Indicates one of the following errors:

  • For PutConfigRule, the rule cannot be created because the IAM role assigned to AWS Config lacks permissions to perform the config:Put* action.

  • For PutConfigRule, the AWS Lambda function cannot be invoked. Check the function ARN, and check the function's permissions.

  • For OrganizationConfigRule, organization config rule cannot be created because you do not have permissions to call IAM GetRole action or create service linked role.

HTTP Status Code: 400


One or more of the specified parameters are invalid. Verify that your parameters are valid and try again.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: