Navigation Guide
You are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.

GetComplianceSummaryCommand

Returns a table that shows counts of resources that are noncompliant with their tag policies.

For more information on tag policies, see Tag Policies in the Organizations User Guide.

You can call this operation only from the organization's management account and from the us-east-1 Region.

This operation supports pagination, where the response can be sent in multiple pages. You should check the PaginationToken response parameter to determine if there are additional results available to return. Repeat the query, passing the PaginationToken response parameter value as an input to the next request until you recieve a null value. A null value for PaginationToken indicates that there are no more results waiting to be returned.

Example Syntax

Use a bare-bones client and the command you need to make an API call.

import { ResourceGroupsTaggingAPIClient, GetComplianceSummaryCommand } from "@aws-sdk/client-resource-groups-tagging-api"; // ES Modules import
// const { ResourceGroupsTaggingAPIClient, GetComplianceSummaryCommand } = require("@aws-sdk/client-resource-groups-tagging-api"); // CommonJS import
const client = new ResourceGroupsTaggingAPIClient(config);
const input = { // GetComplianceSummaryInput
  TargetIdFilters: [ // TargetIdFilterList
    "STRING_VALUE",
  ],
  RegionFilters: [ // RegionFilterList
    "STRING_VALUE",
  ],
  ResourceTypeFilters: [ // ResourceTypeFilterList
    "STRING_VALUE",
  ],
  TagKeyFilters: [ // TagKeyFilterList
    "STRING_VALUE",
  ],
  GroupBy: [ // GroupBy
    "TARGET_ID" || "REGION" || "RESOURCE_TYPE",
  ],
  MaxResults: Number("int"),
  PaginationToken: "STRING_VALUE",
};
const command = new GetComplianceSummaryCommand(input);
const response = await client.send(command);
// { // GetComplianceSummaryOutput
//   SummaryList: [ // SummaryList
//     { // Summary
//       LastUpdated: "STRING_VALUE",
//       TargetId: "STRING_VALUE",
//       TargetIdType: "ACCOUNT" || "OU" || "ROOT",
//       Region: "STRING_VALUE",
//       ResourceType: "STRING_VALUE",
//       NonCompliantResources: Number("long"),
//     },
//   ],
//   PaginationToken: "STRING_VALUE",
// };

GetComplianceSummaryCommand Input

See GetComplianceSummaryCommandInput for more details

Parameter	Type	Description
`GroupBy`	`GroupByAttribute[] \| undefined`	Specifies a list of attributes to group the counts of noncompliant resources by. If supplied, the counts are sorted by those attributes.
`MaxResults`	`number \| undefined`	Specifies the maximum number of results to be returned in each page. A query can return fewer than this maximum, even if there are more results still to return. You should always check the `PaginationToken` response value to see if there are more results. You can specify a minimum of 1 and a maximum value of 100.
`PaginationToken`	`string \| undefined`	Specifies a `PaginationToken` response value from a previous request to indicate that you want the next page of results. Leave this parameter empty in your initial request.
`RegionFilters`	`string[] \| undefined`	Specifies a list of Amazon Web Services Regions to limit the output to. If you use this parameter, the count of returned noncompliant resources includes only resources in the specified Regions.
`ResourceTypeFilters`	`string[] \| undefined`	Specifies that you want the response to include information for only resources of the specified types. The format of each resource type is `service[:resourceType]`. For example, specifying a resource type of `ec2` returns all Amazon EC2 resources (which includes EC2 instances). Specifying a resource type of `ec2:instance` returns only EC2 instances. The string for each service name and resource type is the same as that embedded in a resource's Amazon Resource Name (ARN). Consult the Amazon Web Services General Reference for the following: For a list of service name strings, see Amazon Web Services Service Namespaces . For resource type strings, see Example ARNs . For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces . You can specify multiple resource types by using a comma separated array. The array can include up to 100 items. Note that the length constraint requirement applies to each resource type filter.
`TagKeyFilters`	`string[] \| undefined`	Specifies that you want the response to include information for only resources that have tags with the specified tag keys. If you use this parameter, the count of returned noncompliant resources includes only resources that have the specified tag keys.
`TargetIdFilters`	`string[] \| undefined`	Specifies target identifiers (usually, specific account IDs) to limit the output by. If you use this parameter, the count of returned noncompliant resources includes only resources with the specified target IDs.

GetComplianceSummaryCommand Output

See GetComplianceSummaryCommandOutput for details

Parameter	Type	Description
`$metadata` Required	`ResponseMetadata`	Metadata pertaining to this request.
`PaginationToken`	`string \| undefined`	A string that indicates that there is more data available than this response contains. To receive the next part of the response, specify this response value as the `PaginationToken` value in the request for the next page.
`SummaryList`	`Summary[] \| undefined`	A table that shows counts of noncompliant resources.

Throws

Name	Fault	Details
ConstraintViolationException	client	The request was denied because performing this operation violates a constraint. Some of the reasons in the following list might not apply to this specific operation. You must meet the prerequisites for using tag policies. For information, see Prerequisites and Permissions for Using Tag Policies in the Organizations User Guide. You must enable the tag policies service principal (`tagpolicies.tag.amazonaws.com`) to integrate with Organizations For information, see EnableAWSServiceAccess . You must have a tag policy attached to the organization root, an OU, or an account.
InternalServiceException	server	The request processing failed because of an unknown error, exception, or failure. You can retry the request.
InvalidParameterException	client	This error indicates one of the following: A parameter is missing. A malformed string was supplied for the request parameter. An out-of-range value was supplied for the request parameter. The target ID is invalid, unsupported, or doesn't exist. You can't access the Amazon S3 bucket for report storage. For more information, see Additional Requirements for Organization-wide Tag Compliance Reports in the Organizations User Guide.
ThrottledException	client	The request was denied to limit the frequency of submitted requests.
ResourceGroupsTaggingAPIServiceException		Base exception class for all service exceptions from ResourceGroupsTaggingAPI service.

Item	Package	Type
Access	@aws-sdk/client-accessanalyzer	Interface
AccessAnalyzer	@aws-sdk/client-accessanalyzer	Interface
AccessAnalyzerClientConfig	@aws-sdk/client-accessanalyzer	Interface
AccessAnalyzerClientResolvedConfig	@aws-sdk/client-accessanalyzer	Interface
AccessAnalyzerPaginationConfiguration	@aws-sdk/client-accessanalyzer	Interface
AccessPreview	@aws-sdk/client-accessanalyzer	Interface
AccessPreviewFinding	@aws-sdk/client-accessanalyzer	Interface
AccessPreviewStatusReason	@aws-sdk/client-accessanalyzer	Interface
AccessPreviewSummary	@aws-sdk/client-accessanalyzer	Interface
AnalysisRule	@aws-sdk/client-accessanalyzer	Interface

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

Unable to save cookie preferences

Getting Started

References

GetComplianceSummaryCommand

Example Syntax

GetComplianceSummaryCommand Input

GetComplianceSummaryCommand Output

Throws

Table of Contents

Search