UpdateAccountAuditConfiguration
Configures or reconfigures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.
Requires permission to access the UpdateAccountAuditConfiguration action.
Request Syntax
PATCH /audit/configuration HTTP/1.1
Content-type: application/json
{
"auditCheckConfigurations": {
"string
" : {
"enabled": boolean
}
},
"auditNotificationTargetConfigurations": {
"string
" : {
"enabled": boolean
,
"roleArn": "string
",
"targetArn": "string
"
}
},
"roleArn": "string
"
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- auditCheckConfigurations
-
Specifies which audit checks are enabled and disabled for this account. Use
DescribeAccountAuditConfiguration
to see the list of all checks, including those that are currently enabled.Some data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted.
You cannot disable a check if it's used by any scheduled audit. You must first delete the check from the scheduled audit or delete the scheduled audit itself.
On the first call to
UpdateAccountAuditConfiguration
, this parameter is required and must specify at least one enabled check.Type: String to AuditCheckConfiguration object map
Required: No
- auditNotificationTargetConfigurations
-
Information about the targets to which audit notifications are sent.
Type: String to AuditNotificationTarget object map
Valid Keys:
SNS
Required: No
- roleArn
-
The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: No
Response Syntax
HTTP/1.1 200
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: