You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::IoT::Client

Inherits:
Seahorse::Client::Base show all
Defined in:
(unknown)

Overview

An API client for AWS IoT. To construct a client, you need to configure a :region and :credentials.

iot = Aws::IoT::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

See #initialize for a full list of supported configuration options.

Region

You can configure a default region in the following locations:

  • ENV['AWS_REGION']
  • Aws.config[:region]

Go here for a list of supported regions.

Credentials

Default credentials are loaded automatically from the following locations:

  • ENV['AWS_ACCESS_KEY_ID'] and ENV['AWS_SECRET_ACCESS_KEY']
  • Aws.config[:credentials]
  • The shared credentials ini file at ~/.aws/credentials (more information)
  • From an instance profile when running on EC2

You can also construct a credentials object from one of the following classes:

Alternatively, you configure credentials with :access_key_id and :secret_access_key:

# load credentials from disk
creds = YAML.load(File.read('/path/to/secrets'))

Aws::IoT::Client.new(
  access_key_id: creds['access_key_id'],
  secret_access_key: creds['secret_access_key']
)

Always load your credentials from outside your application. Avoid configuring credentials statically and never commit them to source control.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

Constructor collapse

API Operations collapse

Instance Method Summary collapse

Methods inherited from Seahorse::Client::Base

add_plugin, api, #build_request, clear_plugins, define, new, #operation, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options = {}) ⇒ Aws::IoT::Client

Constructs an API client.

Options Hash (options):

  • :access_key_id (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :active_endpoint_cache (Boolean)

    When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false. See Plugins::EndpointDiscovery for more details.

  • :convert_params (Boolean) — default: true

    When true, an attempt is made to coerce request parameters into the required types. See Plugins::ParamConverter for more details.

  • :credentials (required, Credentials)

    Your AWS credentials. The following locations will be searched in order for credentials:

    • :access_key_id, :secret_access_key, and :session_token options
    • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
    • HOME/.aws/credentials shared credentials file
    • EC2 instance profile credentials See Plugins::RequestSigner for more details.
  • :disable_host_prefix_injection (Boolean)

    Set to true to disable SDK automatically adding host prefix to default service endpoint when available. See Plugins::EndpointPattern for more details.

  • :endpoint (String)

    A default endpoint is constructed from the :region. See Plugins::RegionalEndpoint for more details.

  • :endpoint_cache_max_entries (Integer)

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000. See Plugins::EndpointDiscovery for more details.

  • :endpoint_cache_max_threads (Integer)

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10. See Plugins::EndpointDiscovery for more details.

  • :endpoint_cache_poll_interval (Integer)

    When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec. See Plugins::EndpointDiscovery for more details.

  • :endpoint_discovery (Boolean)

    When set to true, endpoint discovery will be enabled for operations when available. Defaults to false. See Plugins::EndpointDiscovery for more details.

  • :http_continue_timeout (Float) — default: 1

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_idle_timeout (Integer) — default: 5

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_open_timeout (Integer) — default: 15

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_proxy (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_read_timeout (Integer) — default: 60

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_wire_trace (Boolean) — default: false

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the logger at. See Plugins::Logging for more details.

  • :log_formatter (Logging::LogFormatter)

    The log formatter. Defaults to Seahorse::Client::Logging::Formatter.default. See Plugins::Logging for more details.

  • :logger (Logger) — default: nil

    The Logger instance to send log messages to. If this option is not set, logging will be disabled. See Plugins::Logging for more details.

  • :profile (String)

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used. See Plugins::RequestSigner for more details.

  • :raise_response_errors (Boolean) — default: true

    When true, response errors are raised. See Seahorse::Client::Plugins::RaiseResponseErrors for more details.

  • :region (required, String)

    The AWS region to connect to. The region is used to construct the client endpoint. Defaults to ENV['AWS_REGION']. Also checks AMAZON_REGION and AWS_DEFAULT_REGION. See Plugins::RegionalEndpoint for more details.

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors and auth errors from expired credentials. See Plugins::RetryErrors for more details.

  • :secret_access_key (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :session_token (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :ssl_ca_bundle (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_ca_directory (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_ca_store (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_verify_peer (Boolean) — default: true

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled. See Plugins::StubResponses for more details.

  • :validate_params (Boolean) — default: true

    When true, request parameters are validated before sending the request. See Plugins::ParamValidator for more details.

Instance Method Details

#accept_certificate_transfer(options = {}) ⇒ Struct

Accepts a pending certificate transfer. The default state of the certificate is INACTIVE.

To check for pending certificate transfers, call ListCertificates to enumerate your certificates.

Examples:

Request syntax with placeholder values


resp = client.accept_certificate_transfer({
  certificate_id: "CertificateId", # required
  set_as_active: false,
})

Options Hash (options):

  • :certificate_id (required, String)

    The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

  • :set_as_active (Boolean)

    Specifies whether the certificate is active.

Returns:

  • (Struct)

    Returns an empty response.

#add_thing_to_billing_group(options = {}) ⇒ Struct

Adds a thing to a billing group.

Examples:

Request syntax with placeholder values


resp = client.add_thing_to_billing_group({
  billing_group_name: "BillingGroupName",
  billing_group_arn: "BillingGroupArn",
  thing_name: "ThingName",
  thing_arn: "ThingArn",
})

Options Hash (options):

  • :billing_group_name (String)

    The name of the billing group.

  • :billing_group_arn (String)

    The ARN of the billing group.

  • :thing_name (String)

    The name of the thing to be added to the billing group.

  • :thing_arn (String)

    The ARN of the thing to be added to the billing group.

Returns:

  • (Struct)

    Returns an empty response.

#add_thing_to_thing_group(options = {}) ⇒ Struct

Adds a thing to a thing group.

Examples:

Request syntax with placeholder values


resp = client.add_thing_to_thing_group({
  thing_group_name: "ThingGroupName",
  thing_group_arn: "ThingGroupArn",
  thing_name: "ThingName",
  thing_arn: "ThingArn",
  override_dynamic_groups: false,
})

Options Hash (options):

  • :thing_group_name (String)

    The name of the group to which you are adding a thing.

  • :thing_group_arn (String)

    The ARN of the group to which you are adding a thing.

  • :thing_name (String)

    The name of the thing to add to a group.

  • :thing_arn (String)

    The ARN of the thing to add to a group.

  • :override_dynamic_groups (Boolean)

    Override dynamic thing groups with static thing groups when 10-group limit is reached. If a thing belongs to 10 thing groups, and one or more of those groups are dynamic thing groups, adding a thing to a static group removes the thing from the last dynamic group.

Returns:

  • (Struct)

    Returns an empty response.

#associate_targets_with_job(options = {}) ⇒ Types::AssociateTargetsWithJobResponse

Associates a group with a continuous job. The following criteria must be met:

  • The job must have been created with the targetSelection field set to "CONTINUOUS".

  • The job status must currently be "IN_PROGRESS".

  • The total number of targets associated with a job must not exceed 100.

Examples:

Request syntax with placeholder values


resp = client.associate_targets_with_job({
  targets: ["TargetArn"], # required
  job_id: "JobId", # required
  comment: "Comment",
  namespace_id: "NamespaceId",
})

Response structure


resp.job_arn #=> String
resp.job_id #=> String
resp.description #=> String

Options Hash (options):

  • :targets (required, Array<String>)

    A list of thing group ARNs that define the targets of the job.

  • :job_id (required, String)

    The unique identifier you assigned to this job when it was created.

  • :comment (String)

    An optional comment string describing why the job was associated with the targets.

  • :namespace_id (String)

    The namespace used to indicate that a job is a customer-managed job.

    When you specify a value for this parameter, AWS IoT Core sends jobs notifications to MQTT topics that contain the value in the following format.

    $aws/things/THING_NAME/jobs/JOB_ID/notify-namespace-NAMESPACE_ID/

    The namespaceId feature is in public preview.

Returns:

#attach_policy(options = {}) ⇒ Struct

Attaches a policy to the specified target.

Examples:

Request syntax with placeholder values


resp = client.attach_policy({
  policy_name: "PolicyName", # required
  target: "PolicyTarget", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy to attach.

  • :target (required, String)

    The identity to which the policy is attached.

Returns:

  • (Struct)

    Returns an empty response.

#attach_principal_policy(options = {}) ⇒ Struct

Attaches the specified policy to the specified principal (certificate or other credential).

Note: This API is deprecated. Please use AttachPolicy instead.

Examples:

Request syntax with placeholder values


resp = client.attach_principal_policy({
  policy_name: "PolicyName", # required
  principal: "Principal", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The policy name.

  • :principal (required, String)

    The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID.

Returns:

  • (Struct)

    Returns an empty response.

#attach_security_profile(options = {}) ⇒ Struct

Associates a Device Defender security profile with a thing group or this account. Each thing group or account can have up to five security profiles associated with it.

Examples:

Request syntax with placeholder values


resp = client.attach_security_profile({
  security_profile_name: "SecurityProfileName", # required
  security_profile_target_arn: "SecurityProfileTargetArn", # required
})

Options Hash (options):

  • :security_profile_name (required, String)

    The security profile that is attached.

  • :security_profile_target_arn (required, String)

    The ARN of the target (thing group) to which the security profile is attached.

Returns:

  • (Struct)

    Returns an empty response.

#attach_thing_principal(options = {}) ⇒ Struct

Attaches the specified principal to the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Examples:

Request syntax with placeholder values


resp = client.attach_thing_principal({
  thing_name: "ThingName", # required
  principal: "Principal", # required
})

Options Hash (options):

  • :thing_name (required, String)

    The name of the thing.

  • :principal (required, String)

    The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID.

Returns:

  • (Struct)

    Returns an empty response.

#cancel_audit_mitigation_actions_task(options = {}) ⇒ Struct

Cancels a mitigation action task that is in progress. If the task is not in progress, an InvalidRequestException occurs.

Examples:

Request syntax with placeholder values


resp = client.cancel_audit_mitigation_actions_task({
  task_id: "AuditMitigationActionsTaskId", # required
})

Options Hash (options):

  • :task_id (required, String)

    The unique identifier for the task that you want to cancel.

Returns:

  • (Struct)

    Returns an empty response.

#cancel_audit_task(options = {}) ⇒ Struct

Cancels an audit that is in progress. The audit can be either scheduled or on-demand. If the audit is not in progress, an "InvalidRequestException" occurs.

Examples:

Request syntax with placeholder values


resp = client.cancel_audit_task({
  task_id: "AuditTaskId", # required
})

Options Hash (options):

  • :task_id (required, String)

    The ID of the audit you want to cancel. You can only cancel an audit that is \"IN_PROGRESS\".

Returns:

  • (Struct)

    Returns an empty response.

#cancel_certificate_transfer(options = {}) ⇒ Struct

Cancels a pending transfer for the specified certificate.

Note Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer instead.) After transfer, AWS IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled.

After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE.

Examples:

Request syntax with placeholder values


resp = client.cancel_certificate_transfer({
  certificate_id: "CertificateId", # required
})

Options Hash (options):

  • :certificate_id (required, String)

    The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

Returns:

  • (Struct)

    Returns an empty response.

#cancel_job(options = {}) ⇒ Types::CancelJobResponse

Cancels a job.

Examples:

Request syntax with placeholder values


resp = client.cancel_job({
  job_id: "JobId", # required
  reason_code: "ReasonCode",
  comment: "Comment",
  force: false,
})

Response structure


resp.job_arn #=> String
resp.job_id #=> String
resp.description #=> String

Options Hash (options):

  • :job_id (required, String)

    The unique identifier you assigned to this job when it was created.

  • :reason_code (String) — default: Optional

    A reason code string that explains why the job was canceled.

  • :comment (String)

    An optional comment string describing why the job was canceled.

  • :force (Boolean) — default: Optional

    If true job executions with status \"IN_PROGRESS\" and \"QUEUED\" are canceled, otherwise only job executions with status \"QUEUED\" are canceled. The default is false.

    Canceling a job which is \"IN_PROGRESS\", will cause a device which is executing the job to be unable to update the job execution status. Use caution and ensure that each device executing a job which is canceled is able to recover to a valid state.

Returns:

#cancel_job_execution(options = {}) ⇒ Struct

Cancels the execution of a job for a given thing.

Examples:

Request syntax with placeholder values


resp = client.cancel_job_execution({
  job_id: "JobId", # required
  thing_name: "ThingName", # required
  force: false,
  expected_version: 1,
  status_details: {
    "DetailsKey" => "DetailsValue",
  },
})

Options Hash (options):

  • :job_id (required, String)

    The ID of the job to be canceled.

  • :thing_name (required, String)

    The name of the thing whose execution of the job will be canceled.

  • :force (Boolean) — default: Optional

    If true the job execution will be canceled if it has status IN_PROGRESS or QUEUED, otherwise the job execution will be canceled only if it has status QUEUED. If you attempt to cancel a job execution that is IN_PROGRESS, and you do not set force to true, then an InvalidStateTransitionException will be thrown. The default is false.

    Canceling a job execution which is \"IN_PROGRESS\", will cause the device to be unable to update the job execution status. Use caution and ensure that the device is able to recover to a valid state.

  • :expected_version (Integer) — default: Optional

    The expected current version of the job execution. Each time you update the job execution, its version is incremented. If the version of the job execution stored in Jobs does not match, the update is rejected with a VersionMismatch error, and an ErrorResponse that contains the current job execution status data is returned. (This makes it unnecessary to perform a separate DescribeJobExecution request in order to obtain the job execution status data.)

  • :status_details (Hash<String,String>)

    A collection of name/value pairs that describe the status of the job execution. If not specified, the statusDetails are unchanged. You can specify at most 10 name/value pairs.

Returns:

  • (Struct)

    Returns an empty response.

#clear_default_authorizer(options = {}) ⇒ Struct

Clears the default authorizer.

Examples:

Request syntax with placeholder values


resp = client.clear_default_authorizer()

Returns:

  • (Struct)

    Returns an empty response.

#confirm_topic_rule_destination(options = {}) ⇒ Struct

Confirms a topic rule destination. When you create a rule requiring a destination, AWS IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination to confirm that you own or have access to the endpoint.

Examples:

Request syntax with placeholder values


resp = client.confirm_topic_rule_destination({
  confirmation_token: "ConfirmationToken", # required
})

Options Hash (options):

  • :confirmation_token (required, String)

    The token used to confirm ownership or access to the topic rule confirmation URL.

Returns:

  • (Struct)

    Returns an empty response.

#create_audit_suppression(options = {}) ⇒ Struct

Creates a Device Defender audit suppression.

Examples:

Request syntax with placeholder values


resp = client.create_audit_suppression({
  check_name: "AuditCheckName", # required
  resource_identifier: { # required
    device_certificate_id: "CertificateId",
    ca_certificate_id: "CertificateId",
    cognito_identity_pool_id: "CognitoIdentityPoolId",
    client_id: "ClientId",
    policy_version_identifier: {
      policy_name: "PolicyName",
      policy_version_id: "PolicyVersionId",
    },
    account: "AwsAccountId",
    iam_role_arn: "RoleArn",
    role_alias_arn: "RoleAliasArn",
  },
  expiration_date: Time.now,
  suppress_indefinitely: false,
  description: "AuditDescription",
  client_request_token: "ClientRequestToken", # required
})

Options Hash (options):

  • :check_name (required, String)

    An audit check name. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

  • :resource_identifier (required, Types::ResourceIdentifier)

    Information that identifies the noncompliant resource.

  • :expiration_date (Time)

    The epoch timestamp in seconds at which this suppression expires.

  • :suppress_indefinitely (Boolean)

    Indicates whether a suppression should exist indefinitely or not.

  • :description (String)

    The description of the audit suppression.

  • :client_request_token (required, String)

    This parameter will be auto-filled on your behalf with a random UUIDv4 when no value is provided. The epoch timestamp in seconds at which this suppression expires.

Returns:

  • (Struct)

    Returns an empty response.

#create_authorizer(options = {}) ⇒ Types::CreateAuthorizerResponse

Creates an authorizer.

Examples:

Request syntax with placeholder values


resp = client.create_authorizer({
  authorizer_name: "AuthorizerName", # required
  authorizer_function_arn: "AuthorizerFunctionArn", # required
  token_key_name: "TokenKeyName",
  token_signing_public_keys: {
    "KeyName" => "KeyValue",
  },
  status: "ACTIVE", # accepts ACTIVE, INACTIVE
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
  signing_disabled: false,
})

Response structure


resp.authorizer_name #=> String
resp.authorizer_arn #=> String

Options Hash (options):

  • :authorizer_name (required, String)

    The authorizer name.

  • :authorizer_function_arn (required, String)

    The ARN of the authorizer\'s Lambda function.

  • :token_key_name (String)

    The name of the token key used to extract the token from the HTTP headers.

  • :token_signing_public_keys (Hash<String,String>)

    The public keys used to verify the digital signature returned by your custom authentication service.

  • :status (String)

    The status of the create authorizer request.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the custom authorizer.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

  • :signing_disabled (Boolean)

    Specifies whether AWS IoT validates the token signature in an authorization request.

Returns:

#create_billing_group(options = {}) ⇒ Types::CreateBillingGroupResponse

Creates a billing group.

Examples:

Request syntax with placeholder values


resp = client.create_billing_group({
  billing_group_name: "BillingGroupName", # required
  billing_group_properties: {
    billing_group_description: "BillingGroupDescription",
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.billing_group_name #=> String
resp.billing_group_arn #=> String
resp.billing_group_id #=> String

Options Hash (options):

  • :billing_group_name (required, String)

    The name you wish to give to the billing group.

  • :billing_group_properties (Types::BillingGroupProperties)

    The properties of the billing group.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the billing group.

Returns:

#create_certificate_from_csr(options = {}) ⇒ Types::CreateCertificateFromCsrResponse

Creates an X.509 certificate using the specified certificate signing request.

Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.

Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.

You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.

Assuming a set of CSRs are located inside of the directory my-csr-directory:

On Linux and OS X, the command is:

$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.

The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:

$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:

> ls -Name my-csr-directory | %iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_

On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:

> forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path"

Examples:

Request syntax with placeholder values


resp = client.create_certificate_from_csr({
  certificate_signing_request: "CertificateSigningRequest", # required
  set_as_active: false,
})

Response structure


resp.certificate_arn #=> String
resp.certificate_id #=> String
resp.certificate_pem #=> String

Options Hash (options):

  • :certificate_signing_request (required, String)

    The certificate signing request (CSR).

  • :set_as_active (Boolean)

    Specifies whether the certificate is active.

Returns:

#create_dimension(options = {}) ⇒ Types::CreateDimensionResponse

Create a dimension that you can use to limit the scope of a metric used in a security profile for AWS IoT Device Defender. For example, using a TOPIC_FILTER dimension, you can narrow down the scope of the metric only to MQTT topics whose name match the pattern specified in the dimension.

Examples:

Request syntax with placeholder values


resp = client.create_dimension({
  name: "DimensionName", # required
  type: "TOPIC_FILTER", # required, accepts TOPIC_FILTER
  string_values: ["DimensionStringValue"], # required
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
  client_request_token: "ClientRequestToken", # required
})

Response structure


resp.name #=> String
resp.arn #=> String

Options Hash (options):

  • :name (required, String)

    A unique identifier for the dimension. Choose something that describes the type and value to make it easy to remember what it does.

  • :type (required, String)

    Specifies the type of dimension. Supported types: TOPIC_FILTER.

  • :string_values (required, Array<String>)

    Specifies the value or list of values for the dimension. For TOPIC_FILTER dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").

  • :tags (Array<Types::Tag>)

    Metadata that can be used to manage the dimension.

  • :client_request_token (required, String)

    This parameter will be auto-filled on your behalf with a random UUIDv4 when no value is provided. Each dimension must have a unique client request token. If you try to create a new dimension with the same token as a dimension that already exists, an exception occurs. If you omit this value, AWS SDKs will automatically generate a unique client request.

Returns:

#create_domain_configuration(options = {}) ⇒ Types::CreateDomainConfigurationResponse

Creates a domain configuration.

The domain configuration feature is in public preview and is subject to change.

Examples:

Request syntax with placeholder values


resp = client.create_domain_configuration({
  domain_configuration_name: "DomainConfigurationName", # required
  domain_name: "DomainName",
  server_certificate_arns: ["AcmCertificateArn"],
  validation_certificate_arn: "AcmCertificateArn",
  authorizer_config: {
    default_authorizer_name: "AuthorizerName",
    allow_authorizer_override: false,
  },
  service_type: "DATA", # accepts DATA, CREDENTIAL_PROVIDER, JOBS
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.domain_configuration_name #=> String
resp.domain_configuration_arn #=> String

Options Hash (options):

  • :domain_configuration_name (required, String)

    The name of the domain configuration. This value must be unique to a region.

  • :domain_name (String)

    The name of the domain.

  • :server_certificate_arns (Array<String>)

    The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS-managed domains.

  • :validation_certificate_arn (String)

    The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS-managed domains.

  • :authorizer_config (Types::AuthorizerConfig)

    An object that specifies the authorization service for a domain.

  • :service_type (String)

    The type of service delivered by the endpoint.

    AWS IoT Core currently supports only the DATA service type.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the domain configuration.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

Returns:

#create_dynamic_thing_group(options = {}) ⇒ Types::CreateDynamicThingGroupResponse

Creates a dynamic thing group.

Examples:

Request syntax with placeholder values


resp = client.create_dynamic_thing_group({
  thing_group_name: "ThingGroupName", # required
  thing_group_properties: {
    thing_group_description: "ThingGroupDescription",
    attribute_payload: {
      attributes: {
        "AttributeName" => "AttributeValue",
      },
      merge: false,
    },
  },
  index_name: "IndexName",
  query_string: "QueryString", # required
  query_version: "QueryVersion",
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.thing_group_name #=> String
resp.thing_group_arn #=> String
resp.thing_group_id #=> String
resp.index_name #=> String
resp.query_string #=> String
resp.query_version #=> String

Options Hash (options):

  • :thing_group_name (required, String)

    The dynamic thing group name to create.

  • :thing_group_properties (Types::ThingGroupProperties)

    The dynamic thing group properties.

  • :index_name (String)

    The dynamic thing group index name.

    Currently one index is supported: \"AWS_Things\".

  • :query_string (required, String)

    The dynamic thing group search query string.

    See Query Syntax for information about query string syntax.

  • :query_version (String)

    The dynamic thing group query version.

    Currently one query version is supported: \"2017-09-30\". If not specified, the query version defaults to this value.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the dynamic thing group.

Returns:

#create_job(options = {}) ⇒ Types::CreateJobResponse

Creates a job.

Examples:

Request syntax with placeholder values


resp = client.create_job({
  job_id: "JobId", # required
  targets: ["TargetArn"], # required
  document_source: "JobDocumentSource",
  document: "JobDocument",
  description: "JobDescription",
  presigned_url_config: {
    role_arn: "RoleArn",
    expires_in_sec: 1,
  },
  target_selection: "CONTINUOUS", # accepts CONTINUOUS, SNAPSHOT
  job_executions_rollout_config: {
    maximum_per_minute: 1,
    exponential_rate: {
      base_rate_per_minute: 1, # required
      increment_factor: 1.0, # required
      rate_increase_criteria: { # required
        number_of_notified_things: 1,
        number_of_succeeded_things: 1,
      },
    },
  },
  abort_config: {
    criteria_list: [ # required
      {
        failure_type: "FAILED", # required, accepts FAILED, REJECTED, TIMED_OUT, ALL
        action: "CANCEL", # required, accepts CANCEL
        threshold_percentage: 1.0, # required
        min_number_of_executed_things: 1, # required
      },
    ],
  },
  timeout_config: {
    in_progress_timeout_in_minutes: 1,
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
  namespace_id: "NamespaceId",
})

Response structure


resp.job_arn #=> String
resp.job_id #=> String
resp.description #=> String

Options Hash (options):

  • :job_id (required, String)

    A job identifier which must be unique for your AWS account. We recommend using a UUID. Alpha-numeric characters, \"-\" and \"_\" are valid for use here.

  • :targets (required, Array<String>)

    A list of things and thing groups to which the job should be sent.

  • :document_source (String)

    An S3 link to the job document.

  • :document (String)

    The job document.

    If the job document resides in an S3 bucket, you must use a placeholder link when specifying the document.

    The placeholder link is of the following form:

    $`{aws:iot:s3-presigned-url:https://s3.amazonaws.com/bucket/key}`

    where bucket is your bucket name and key is the object in the bucket to which you are linking.

  • :description (String)

    A short text description of the job.

  • :presigned_url_config (Types::PresignedUrlConfig)

    Configuration information for pre-signed S3 URLs.

  • :target_selection (String)

    Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group.

  • :job_executions_rollout_config (Types::JobExecutionsRolloutConfig)

    Allows you to create a staged rollout of the job.

  • :abort_config (Types::AbortConfig)

    Allows you to create criteria to abort a job.

  • :timeout_config (Types::TimeoutConfig)

    Specifies the amount of time each device has to finish its execution of the job. The timer is started when the job execution status is set to IN_PROGRESS. If the job execution status is not set to another terminal state before the time expires, it will be automatically set to TIMED_OUT.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the job.

  • :namespace_id (String)

    The namespace used to indicate that a job is a customer-managed job.

    When you specify a value for this parameter, AWS IoT Core sends jobs notifications to MQTT topics that contain the value in the following format.

    $aws/things/THING_NAME/jobs/JOB_ID/notify-namespace-NAMESPACE_ID/

    The namespaceId feature is in public preview.

Returns:

#create_keys_and_certificate(options = {}) ⇒ Types::CreateKeysAndCertificateResponse

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Note This is the only time AWS IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Examples:

Request syntax with placeholder values


resp = client.create_keys_and_certificate({
  set_as_active: false,
})

Response structure


resp.certificate_arn #=> String
resp.certificate_id #=> String
resp.certificate_pem #=> String
resp.key_pair.public_key #=> String
resp.key_pair.private_key #=> String

Options Hash (options):

  • :set_as_active (Boolean)

    Specifies whether the certificate is active.

Returns:

#create_mitigation_action(options = {}) ⇒ Types::CreateMitigationActionResponse

Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask. Only certain types of mitigation actions can be applied to specific check names. For more information, see Mitigation actions. Each mitigation action can apply only one type of change.

Examples:

Request syntax with placeholder values


resp = client.create_mitigation_action({
  action_name: "MitigationActionName", # required
  role_arn: "RoleArn", # required
  action_params: { # required
    update_device_certificate_params: {
      action: "DEACTIVATE", # required, accepts DEACTIVATE
    },
    update_ca_certificate_params: {
      action: "DEACTIVATE", # required, accepts DEACTIVATE
    },
    add_things_to_thing_group_params: {
      thing_group_names: ["ThingGroupName"], # required
      override_dynamic_groups: false,
    },
    replace_default_policy_version_params: {
      template_name: "BLANK_POLICY", # required, accepts BLANK_POLICY
    },
    enable_io_t_logging_params: {
      role_arn_for_logging: "RoleArn", # required
      log_level: "DEBUG", # required, accepts DEBUG, INFO, ERROR, WARN, DISABLED
    },
    publish_finding_to_sns_params: {
      topic_arn: "SnsTopicArn", # required
    },
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.action_arn #=> String
resp.action_id #=> String

Options Hash (options):

  • :action_name (required, String)

    A friendly name for the action. Choose a friendly name that accurately describes the action (for example, EnableLoggingAction).

  • :role_arn (required, String)

    The ARN of the IAM role that is used to apply the mitigation action.

  • :action_params (required, Types::MitigationActionParams)

    Defines the type of action and the parameters for that action.

  • :tags (Array<Types::Tag>)

    Metadata that can be used to manage the mitigation action.

Returns:

#create_ota_update(options = {}) ⇒ Types::CreateOTAUpdateResponse

Creates an AWS IoT OTAUpdate on a target group of things or groups.

Examples:

Request syntax with placeholder values


resp = client.create_ota_update({
  ota_update_id: "OTAUpdateId", # required
  description: "OTAUpdateDescription",
  targets: ["Target"], # required
  protocols: ["MQTT"], # accepts MQTT, HTTP
  target_selection: "CONTINUOUS", # accepts CONTINUOUS, SNAPSHOT
  aws_job_executions_rollout_config: {
    maximum_per_minute: 1,
    exponential_rate: {
      base_rate_per_minute: 1, # required
      increment_factor: 1.0, # required
      rate_increase_criteria: { # required
        number_of_notified_things: 1,
        number_of_succeeded_things: 1,
      },
    },
  },
  aws_job_presigned_url_config: {
    expires_in_sec: 1,
  },
  aws_job_abort_config: {
    abort_criteria_list: [ # required
      {
        failure_type: "FAILED", # required, accepts FAILED, REJECTED, TIMED_OUT, ALL
        action: "CANCEL", # required, accepts CANCEL
        threshold_percentage: 1.0, # required
        min_number_of_executed_things: 1, # required
      },
    ],
  },
  aws_job_timeout_config: {
    in_progress_timeout_in_minutes: 1,
  },
  files: [ # required
    {
      file_name: "FileName",
      file_version: "OTAUpdateFileVersion",
      file_location: {
        stream: {
          stream_id: "StreamId",
          file_id: 1,
        },
        s3_location: {
          bucket: "S3Bucket",
          key: "S3Key",
          version: "S3Version",
        },
      },
      code_signing: {
        aws_signer_job_id: "SigningJobId",
        start_signing_job_parameter: {
          signing_profile_parameter: {
            certificate_arn: "CertificateArn",
            platform: "Platform",
            certificate_path_on_device: "CertificatePathOnDevice",
          },
          signing_profile_name: "SigningProfileName",
          destination: {
            s3_destination: {
              bucket: "S3Bucket",
              prefix: "Prefix",
            },
          },
        },
        custom_code_signing: {
          signature: {
            inline_document: "data",
          },
          certificate_chain: {
            certificate_name: "CertificateName",
            inline_document: "InlineDocument",
          },
          hash_algorithm: "HashAlgorithm",
          signature_algorithm: "SignatureAlgorithm",
        },
      },
      attributes: {
        "AttributeKey" => "Value",
      },
    },
  ],
  role_arn: "RoleArn", # required
  additional_parameters: {
    "AttributeKey" => "Value",
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.ota_update_id #=> String
resp.aws_iot_job_id #=> String
resp.ota_update_arn #=> String
resp.aws_iot_job_arn #=> String
resp.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED"

Options Hash (options):

  • :ota_update_id (required, String)

    The ID of the OTA update to be created.

  • :description (String)

    The description of the OTA update.

  • :targets (required, Array<String>)

    The devices targeted to receive OTA updates.

  • :protocols (Array<String>)

    The protocol used to transfer the OTA update image. Valid values are [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the target device can choose the protocol.

  • :target_selection (String)

    Specifies whether the update will continue to run (CONTINUOUS), or will be complete after all the things specified as targets have completed the update (SNAPSHOT). If continuous, the update may also be run on a thing when a change is detected in a target. For example, an update will run on a thing when the thing is added to a target group, even after the update was completed by all things originally in the group. Valid values: CONTINUOUS | SNAPSHOT.

  • :aws_job_executions_rollout_config (Types::AwsJobExecutionsRolloutConfig)

    Configuration for the rollout of OTA updates.

  • :aws_job_presigned_url_config (Types::AwsJobPresignedUrlConfig)

    Configuration information for pre-signed URLs.

  • :aws_job_abort_config (Types::AwsJobAbortConfig)

    The criteria that determine when and how a job abort takes place.

  • :aws_job_timeout_config (Types::AwsJobTimeoutConfig)

    Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to IN_PROGRESS. If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to TIMED_OUT.

  • :files (required, Array<Types::OTAUpdateFile>)

    The files to be streamed by the OTA update.

  • :role_arn (required, String)

    The IAM role that grants AWS IoT access to the Amazon S3, AWS IoT jobs and AWS Code Signing resources to create an OTA update job.

  • :additional_parameters (Hash<String,String>)

    A list of additional OTA update parameters which are name-value pairs.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage updates.

Returns:

#create_policy(options = {}) ⇒ Types::CreatePolicyResponse

Creates an AWS IoT policy.

The created policy is the default version for the policy. This operation creates a policy version with a version identifier of 1 and sets 1 as the policy's default version.

Examples:

Request syntax with placeholder values


resp = client.create_policy({
  policy_name: "PolicyName", # required
  policy_document: "PolicyDocument", # required
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.policy_name #=> String
resp.policy_arn #=> String
resp.policy_document #=> String
resp.policy_version_id #=> String

Options Hash (options):

  • :policy_name (required, String)

    The policy name.

  • :policy_document (required, String)

    The JSON document that describes the policy. policyDocument must have a minimum length of 1, with a maximum length of 2048, excluding whitespace.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the policy.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

Returns:

#create_policy_version(options = {}) ⇒ Types::CreatePolicyVersionResponse

Creates a new version of the specified AWS IoT policy. To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion to delete an existing version before you create a new one.

Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached).

Examples:

Request syntax with placeholder values


resp = client.create_policy_version({
  policy_name: "PolicyName", # required
  policy_document: "PolicyDocument", # required
  set_as_default: false,
})

Response structure


resp.policy_arn #=> String
resp.policy_document #=> String
resp.policy_version_id #=> String
resp.is_default_version #=> true/false

Options Hash (options):

  • :policy_name (required, String)

    The policy name.

  • :policy_document (required, String)

    The JSON document that describes the policy. Minimum length of 1. Maximum length of 2048, excluding whitespace.

  • :set_as_default (Boolean)

    Specifies whether the policy version is set as the default. When this parameter is true, the new policy version becomes the operative version (that is, the version that is in effect for the certificates to which the policy is attached).

Returns:

#create_provisioning_claim(options = {}) ⇒ Types::CreateProvisioningClaimResponse

Creates a provisioning claim.

Examples:

Request syntax with placeholder values


resp = client.create_provisioning_claim({
  template_name: "TemplateName", # required
})

Response structure


resp.certificate_id #=> String
resp.certificate_pem #=> String
resp.key_pair.public_key #=> String
resp.key_pair.private_key #=> String
resp.expiration #=> Time

Options Hash (options):

  • :template_name (required, String)

    The name of the provisioning template to use.

Returns:

#create_provisioning_template(options = {}) ⇒ Types::CreateProvisioningTemplateResponse

Creates a fleet provisioning template.

Examples:

Request syntax with placeholder values


resp = client.create_provisioning_template({
  template_name: "TemplateName", # required
  description: "TemplateDescription",
  template_body: "TemplateBody", # required
  enabled: false,
  provisioning_role_arn: "RoleArn", # required
  pre_provisioning_hook: {
    payload_version: "PayloadVersion",
    target_arn: "TargetArn", # required
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.template_arn #=> String
resp.template_name #=> String
resp.default_version_id #=> Integer

Options Hash (options):

  • :template_name (required, String)

    The name of the fleet provisioning template.

  • :description (String)

    The description of the fleet provisioning template.

  • :template_body (required, String)

    The JSON formatted contents of the fleet provisioning template.

  • :enabled (Boolean)

    True to enable the fleet provisioning template, otherwise false.

  • :provisioning_role_arn (required, String)

    The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.

  • :pre_provisioning_hook (Types::ProvisioningHook)

    Creates a pre-provisioning hook template.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the fleet provisioning template.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

Returns:

#create_provisioning_template_version(options = {}) ⇒ Types::CreateProvisioningTemplateVersionResponse

Creates a new version of a fleet provisioning template.

Examples:

Request syntax with placeholder values


resp = client.create_provisioning_template_version({
  template_name: "TemplateName", # required
  template_body: "TemplateBody", # required
  set_as_default: false,
})

Response structure


resp.template_arn #=> String
resp.template_name #=> String
resp.version_id #=> Integer
resp.is_default_version #=> true/false

Options Hash (options):

  • :template_name (required, String)

    The name of the fleet provisioning template.

  • :template_body (required, String)

    The JSON formatted contents of the fleet provisioning template.

  • :set_as_default (Boolean)

    Sets a fleet provision template version as the default version.

Returns:

#create_role_alias(options = {}) ⇒ Types::CreateRoleAliasResponse

Creates a role alias.

Examples:

Request syntax with placeholder values


resp = client.create_role_alias({
  role_alias: "RoleAlias", # required
  role_arn: "RoleArn", # required
  credential_duration_seconds: 1,
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.role_alias #=> String
resp.role_alias_arn #=> String

Options Hash (options):

  • :role_alias (required, String)

    The role alias that points to a role ARN. This allows you to change the role without having to update the device.

  • :role_arn (required, String)

    The role ARN.

  • :credential_duration_seconds (Integer)

    How long (in seconds) the credentials will be valid.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the role alias.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

Returns:

#create_scheduled_audit(options = {}) ⇒ Types::CreateScheduledAuditResponse

Creates a scheduled audit that is run at a specified time interval.

Examples:

Request syntax with placeholder values


resp = client.create_scheduled_audit({
  frequency: "DAILY", # required, accepts DAILY, WEEKLY, BIWEEKLY, MONTHLY
  day_of_month: "DayOfMonth",
  day_of_week: "SUN", # accepts SUN, MON, TUE, WED, THU, FRI, SAT
  target_check_names: ["AuditCheckName"], # required
  scheduled_audit_name: "ScheduledAuditName", # required
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.scheduled_audit_arn #=> String

Options Hash (options):

  • :frequency (required, String)

    How often the scheduled audit takes place. Can be one of \"DAILY\", \"WEEKLY\", \"BIWEEKLY\" or \"MONTHLY\". The start time of each audit is determined by the system.

  • :day_of_month (String)

    The day of the month on which the scheduled audit takes place. Can be \"1\" through \"31\" or \"LAST\". This field is required if the \"frequency\" parameter is set to \"MONTHLY\". If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.

  • :day_of_week (String)

    The day of the week on which the scheduled audit takes place. Can be one of \"SUN\", \"MON\", \"TUE\", \"WED\", \"THU\", \"FRI\", or \"SAT\". This field is required if the \"frequency\" parameter is set to \"WEEKLY\" or \"BIWEEKLY\".

  • :target_check_names (required, Array<String>)

    Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

  • :scheduled_audit_name (required, String)

    The name you want to give to the scheduled audit. (Max. 128 chars)

  • :tags (Array<Types::Tag>)

    Metadata that can be used to manage the scheduled audit.

Returns:

#create_security_profile(options = {}) ⇒ Types::CreateSecurityProfileResponse

Creates a Device Defender security profile.

Examples:

Request syntax with placeholder values


resp = client.create_security_profile({
  security_profile_name: "SecurityProfileName", # required
  security_profile_description: "SecurityProfileDescription",
  behaviors: [
    {
      name: "BehaviorName", # required
      metric: "BehaviorMetric",
      metric_dimension: {
        dimension_name: "DimensionName", # required
        operator: "IN", # accepts IN, NOT_IN
      },
      criteria: {
        comparison_operator: "less-than", # accepts less-than, less-than-equals, greater-than, greater-than-equals, in-cidr-set, not-in-cidr-set, in-port-set, not-in-port-set
        value: {
          count: 1,
          cidrs: ["Cidr"],
          ports: [1],
        },
        duration_seconds: 1,
        consecutive_datapoints_to_alarm: 1,
        consecutive_datapoints_to_clear: 1,
        statistical_threshold: {
          statistic: "EvaluationStatistic",
        },
      },
    },
  ],
  alert_targets: {
    "SNS" => {
      alert_target_arn: "AlertTargetArn", # required
      role_arn: "RoleArn", # required
    },
  },
  additional_metrics_to_retain: ["BehaviorMetric"],
  additional_metrics_to_retain_v2: [
    {
      metric: "BehaviorMetric", # required
      metric_dimension: {
        dimension_name: "DimensionName", # required
        operator: "IN", # accepts IN, NOT_IN
      },
    },
  ],
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.security_profile_name #=> String
resp.security_profile_arn #=> String

Options Hash (options):

  • :security_profile_name (required, String)

    The name you are giving to the security profile.

  • :security_profile_description (String)

    A description of the security profile.

  • :behaviors (Array<Types::Behavior>)

    Specifies the behaviors that, when violated by a device (thing), cause an alert.

  • :alert_targets (Hash<String,Types::AlertTarget>)

    Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.

  • :additional_metrics_to_retain (Array<String>)

    Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2 instead.

    A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile\'s behaviors, but it is also retained for any metric specified here.

  • :additional_metrics_to_retain_v2 (Array<Types::MetricToRetain>)

    A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile\'s behaviors, but it is also retained for any metric specified here.

  • :tags (Array<Types::Tag>)

    Metadata that can be used to manage the security profile.

Returns:

#create_stream(options = {}) ⇒ Types::CreateStreamResponse

Creates a stream for delivering one or more large files in chunks over MQTT. A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream.

Examples:

Request syntax with placeholder values


resp = client.create_stream({
  stream_id: "StreamId", # required
  description: "StreamDescription",
  files: [ # required
    {
      file_id: 1,
      s3_location: {
        bucket: "S3Bucket",
        key: "S3Key",
        version: "S3Version",
      },
    },
  ],
  role_arn: "RoleArn", # required
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.stream_id #=> String
resp.stream_arn #=> String
resp.description #=> String
resp.stream_version #=> Integer

Options Hash (options):

  • :stream_id (required, String)

    The stream ID.

  • :description (String)

    A description of the stream.

  • :files (required, Array<Types::StreamFile>)

    The files to stream.

  • :role_arn (required, String)

    An IAM role that allows the IoT service principal assumes to access your S3 files.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage streams.

Returns:

#create_thing(options = {}) ⇒ Types::CreateThingResponse

Creates a thing record in the registry. If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a ResourceAlreadyExistsException is thrown.

This is a control plane operation. See Authorization for information about authorizing control plane actions.

Examples:

Request syntax with placeholder values


resp = client.create_thing({
  thing_name: "ThingName", # required
  thing_type_name: "ThingTypeName",
  attribute_payload: {
    attributes: {
      "AttributeName" => "AttributeValue",
    },
    merge: false,
  },
  billing_group_name: "BillingGroupName",
})

Response structure


resp.thing_name #=> String
resp.thing_arn #=> String
resp.thing_id #=> String

Options Hash (options):

  • :thing_name (required, String)

    The name of the thing to create.

    You can\'t change a thing\'s name after you create it. To change a thing\'s name, you must create a new thing, give it the new name, and then delete the old thing.

  • :thing_type_name (String)

    The name of the thing type associated with the new thing.

  • :attribute_payload (Types::AttributePayload)

    The attribute payload, which consists of up to three name/value pairs in a JSON document. For example:

    `{\"attributes\":{\"string1\":\"string2\"}}`

  • :billing_group_name (String)

    The name of the billing group the thing will be added to.

Returns:

#create_thing_group(options = {}) ⇒ Types::CreateThingGroupResponse

Create a thing group.

This is a control plane operation. See Authorization for information about authorizing control plane actions.

Examples:

Request syntax with placeholder values


resp = client.create_thing_group({
  thing_group_name: "ThingGroupName", # required
  parent_group_name: "ThingGroupName",
  thing_group_properties: {
    thing_group_description: "ThingGroupDescription",
    attribute_payload: {
      attributes: {
        "AttributeName" => "AttributeValue",
      },
      merge: false,
    },
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.thing_group_name #=> String
resp.thing_group_arn #=> String
resp.thing_group_id #=> String

Options Hash (options):

  • :thing_group_name (required, String)

    The thing group name to create.

  • :parent_group_name (String)

    The name of the parent thing group.

  • :thing_group_properties (Types::ThingGroupProperties)

    The thing group properties.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the thing group.

Returns:

#create_thing_type(options = {}) ⇒ Types::CreateThingTypeResponse

Creates a new thing type.

Examples:

Request syntax with placeholder values


resp = client.create_thing_type({
  thing_type_name: "ThingTypeName", # required
  thing_type_properties: {
    thing_type_description: "ThingTypeDescription",
    searchable_attributes: ["AttributeName"],
  },
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
})

Response structure


resp.thing_type_name #=> String
resp.thing_type_arn #=> String
resp.thing_type_id #=> String

Options Hash (options):

  • :thing_type_name (required, String)

    The name of the thing type.

  • :thing_type_properties (Types::ThingTypeProperties)

    The ThingTypeProperties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names.

  • :tags (Array<Types::Tag>)

    Metadata which can be used to manage the thing type.

Returns:

#create_topic_rule(options = {}) ⇒ Struct

Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.

Examples:

Request syntax with placeholder values


resp = client.create_topic_rule({
  rule_name: "RuleName", # required
  topic_rule_payload: { # required
    sql: "SQL", # required
    description: "Description",
    actions: [ # required
      {
        dynamo_db: {
          table_name: "TableName", # required
          role_arn: "AwsArn", # required
          operation: "DynamoOperation",
          hash_key_field: "HashKeyField", # required
          hash_key_value: "HashKeyValue", # required
          hash_key_type: "STRING", # accepts STRING, NUMBER
          range_key_field: "RangeKeyField",
          range_key_value: "RangeKeyValue",
          range_key_type: "STRING", # accepts STRING, NUMBER
          payload_field: "PayloadField",
        },
        dynamo_d_bv_2: {
          role_arn: "AwsArn", # required
          put_item: { # required
            table_name: "TableName", # required
          },
        },
        lambda: {
          function_arn: "FunctionArn", # required
        },
        sns: {
          target_arn: "AwsArn", # required
          role_arn: "AwsArn", # required
          message_format: "RAW", # accepts RAW, JSON
        },
        sqs: {
          role_arn: "AwsArn", # required
          queue_url: "QueueUrl", # required
          use_base_64: false,
        },
        kinesis: {
          role_arn: "AwsArn", # required
          stream_name: "StreamName", # required
          partition_key: "PartitionKey",
        },
        republish: {
          role_arn: "AwsArn", # required
          topic: "TopicPattern", # required
          qos: 1,
        },
        s3: {
          role_arn: "AwsArn", # required
          bucket_name: "BucketName", # required
          key: "Key", # required
          canned_acl: "private", # accepts private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, bucket-owner-full-control, log-delivery-write
        },
        firehose: {
          role_arn: "AwsArn", # required
          delivery_stream_name: "DeliveryStreamName", # required
          separator: "FirehoseSeparator",
          batch_mode: false,
        },
        cloudwatch_metric: {
          role_arn: "AwsArn", # required
          metric_namespace: "String", # required
          metric_name: "String", # required
          metric_value: "String", # required
          metric_unit: "String", # required
          metric_timestamp: "String",
        },
        cloudwatch_alarm: {
          role_arn: "AwsArn", # required
          alarm_name: "AlarmName", # required
          state_reason: "StateReason", # required
          state_value: "StateValue", # required
        },
        cloudwatch_logs: {
          role_arn: "AwsArn", # required
          log_group_name: "LogGroupName", # required
        },
        elasticsearch: {
          role_arn: "AwsArn", # required
          endpoint: "ElasticsearchEndpoint", # required
          index: "ElasticsearchIndex", # required
          type: "ElasticsearchType", # required
          id: "ElasticsearchId", # required
        },
        salesforce: {
          token: "SalesforceToken", # required
          url: "SalesforceEndpoint", # required
        },
        iot_analytics: {
          channel_arn: "AwsArn",
          channel_name: "ChannelName",
          batch_mode: false,
          role_arn: "AwsArn",
        },
        iot_events: {
          input_name: "InputName", # required
          message_id: "MessageId",
          batch_mode: false,
          role_arn: "AwsArn", # required
        },
        iot_site_wise: {
          put_asset_property_value_entries: [ # required
            {
              entry_id: "AssetPropertyEntryId",
              asset_id: "AssetId",
              property_id: "AssetPropertyId",
              property_alias: "AssetPropertyAlias",
              property_values: [ # required
                {
                  value: { # required
                    string_value: "AssetPropertyStringValue",
                    integer_value: "AssetPropertyIntegerValue",
                    double_value: "AssetPropertyDoubleValue",
                    boolean_value: "AssetPropertyBooleanValue",
                  },
                  timestamp: { # required
                    time_in_seconds: "AssetPropertyTimeInSeconds", # required
                    offset_in_nanos: "AssetPropertyOffsetInNanos",
                  },
                  quality: "AssetPropertyQuality",
                },
              ],
            },
          ],
          role_arn: "AwsArn", # required
        },
        step_functions: {
          execution_name_prefix: "ExecutionNamePrefix",
          state_machine_name: "StateMachineName", # required
          role_arn: "AwsArn", # required
        },
        timestream: {
          role_arn: "AwsArn", # required
          database_name: "TimestreamDatabaseName", # required
          table_name: "TimestreamTableName", # required
          dimensions: [ # required
            {
              name: "TimestreamDimensionName", # required
              value: "TimestreamDimensionValue", # required
            },
          ],
          timestamp: {
            value: "TimestreamTimestampValue", # required
            unit: "TimestreamTimestampUnit", # required
          },
        },
        http: {
          url: "Url", # required
          confirmation_url: "Url",
          headers: [
            {
              key: "HeaderKey", # required
              value: "HeaderValue", # required
            },
          ],
          auth: {
            sigv4: {
              signing_region: "SigningRegion", # required
              service_name: "ServiceName", # required
              role_arn: "AwsArn", # required
            },
          },
        },
      },
    ],
    rule_disabled: false,
    aws_iot_sql_version: "AwsIotSqlVersion",
    error_action: {
      dynamo_db: {
        table_name: "TableName", # required
        role_arn: "AwsArn", # required
        operation: "DynamoOperation",
        hash_key_field: "HashKeyField", # required
        hash_key_value: "HashKeyValue", # required
        hash_key_type: "STRING", # accepts STRING, NUMBER
        range_key_field: "RangeKeyField",
        range_key_value: "RangeKeyValue",
        range_key_type: "STRING", # accepts STRING, NUMBER
        payload_field: "PayloadField",
      },
      dynamo_d_bv_2: {
        role_arn: "AwsArn", # required
        put_item: { # required
          table_name: "TableName", # required
        },
      },
      lambda: {
        function_arn: "FunctionArn", # required
      },
      sns: {
        target_arn: "AwsArn", # required
        role_arn: "AwsArn", # required
        message_format: "RAW", # accepts RAW, JSON
      },
      sqs: {
        role_arn: "AwsArn", # required
        queue_url: "QueueUrl", # required
        use_base_64: false,
      },
      kinesis: {
        role_arn: "AwsArn", # required
        stream_name: "StreamName", # required
        partition_key: "PartitionKey",
      },
      republish: {
        role_arn: "AwsArn", # required
        topic: "TopicPattern", # required
        qos: 1,
      },
      s3: {
        role_arn: "AwsArn", # required
        bucket_name: "BucketName", # required
        key: "Key", # required
        canned_acl: "private", # accepts private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, bucket-owner-full-control, log-delivery-write
      },
      firehose: {
        role_arn: "AwsArn", # required
        delivery_stream_name: "DeliveryStreamName", # required
        separator: "FirehoseSeparator",
        batch_mode: false,
      },
      cloudwatch_metric: {
        role_arn: "AwsArn", # required
        metric_namespace: "String", # required
        metric_name: "String", # required
        metric_value: "String", # required
        metric_unit: "String", # required
        metric_timestamp: "String",
      },
      cloudwatch_alarm: {
        role_arn: "AwsArn", # required
        alarm_name: "AlarmName", # required
        state_reason: "StateReason", # required
        state_value: "StateValue", # required
      },
      cloudwatch_logs: {
        role_arn: "AwsArn", # required
        log_group_name: "LogGroupName", # required
      },
      elasticsearch: {
        role_arn: "AwsArn", # required
        endpoint: "ElasticsearchEndpoint", # required
        index: "ElasticsearchIndex", # required
        type: "ElasticsearchType", # required
        id: "ElasticsearchId", # required
      },
      salesforce: {
        token: "SalesforceToken", # required
        url: "SalesforceEndpoint", # required
      },
      iot_analytics: {
        channel_arn: "AwsArn",
        channel_name: "ChannelName",
        batch_mode: false,
        role_arn: "AwsArn",
      },
      iot_events: {
        input_name: "InputName", # required
        message_id: "MessageId",
        batch_mode: false,
        role_arn: "AwsArn", # required
      },
      iot_site_wise: {
        put_asset_property_value_entries: [ # required
          {
            entry_id: "AssetPropertyEntryId",
            asset_id: "AssetId",
            property_id: "AssetPropertyId",
            property_alias: "AssetPropertyAlias",
            property_values: [ # required
              {
                value: { # required
                  string_value: "AssetPropertyStringValue",
                  integer_value: "AssetPropertyIntegerValue",
                  double_value: "AssetPropertyDoubleValue",
                  boolean_value: "AssetPropertyBooleanValue",
                },
                timestamp: { # required
                  time_in_seconds: "AssetPropertyTimeInSeconds", # required
                  offset_in_nanos: "AssetPropertyOffsetInNanos",
                },
                quality: "AssetPropertyQuality",
              },
            ],
          },
        ],
        role_arn: "AwsArn", # required
      },
      step_functions: {
        execution_name_prefix: "ExecutionNamePrefix",
        state_machine_name: "StateMachineName", # required
        role_arn: "AwsArn", # required
      },
      timestream: {
        role_arn: "AwsArn", # required
        database_name: "TimestreamDatabaseName", # required
        table_name: "TimestreamTableName", # required
        dimensions: [ # required
          {
            name: "TimestreamDimensionName", # required
            value: "TimestreamDimensionValue", # required
          },
        ],
        timestamp: {
          value: "TimestreamTimestampValue", # required
          unit: "TimestreamTimestampUnit", # required
        },
      },
      http: {
        url: "Url", # required
        confirmation_url: "Url",
        headers: [
          {
            key: "HeaderKey", # required
            value: "HeaderValue", # required
          },
        ],
        auth: {
          sigv4: {
            signing_region: "SigningRegion", # required
            service_name: "ServiceName", # required
            role_arn: "AwsArn", # required
          },
        },
      },
    },
  },
  tags: "String",
})

Options Hash (options):

  • :rule_name (required, String)

    The name of the rule.

  • :topic_rule_payload (required, Types::TopicRulePayload)

    The rule payload.

  • :tags (String)

    Metadata which can be used to manage the topic rule.

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"

    For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"

Returns:

  • (Struct)

    Returns an empty response.

#create_topic_rule_destination(options = {}) ⇒ Types::CreateTopicRuleDestinationResponse

Creates a topic rule destination. The destination must be confirmed prior to use.

Examples:

Request syntax with placeholder values


resp = client.create_topic_rule_destination({
  destination_configuration: { # required
    http_url_configuration: {
      confirmation_url: "Url", # required
    },
  },
})

Response structure


resp.topic_rule_destination.arn #=> String
resp.topic_rule_destination.status #=> String, one of "ENABLED", "IN_PROGRESS", "DISABLED", "ERROR"
resp.topic_rule_destination.status_reason #=> String
resp.topic_rule_destination.http_url_properties.confirmation_url #=> String

Options Hash (options):

Returns:

#delete_account_audit_configuration(options = {}) ⇒ Struct

Restores the default settings for Device Defender audits for this account. Any configuration data you entered is deleted and all audit checks are reset to disabled.

Examples:

Request syntax with placeholder values


resp = client.({
  delete_scheduled_audits: false,
})

Options Hash (options):

  • :delete_scheduled_audits (Boolean)

    If true, all scheduled audits are deleted.

Returns:

  • (Struct)

    Returns an empty response.

#delete_audit_suppression(options = {}) ⇒ Struct

Deletes a Device Defender audit suppression.

Examples:

Request syntax with placeholder values


resp = client.delete_audit_suppression({
  check_name: "AuditCheckName", # required
  resource_identifier: { # required
    device_certificate_id: "CertificateId",
    ca_certificate_id: "CertificateId",
    cognito_identity_pool_id: "CognitoIdentityPoolId",
    client_id: "ClientId",
    policy_version_identifier: {
      policy_name: "PolicyName",
      policy_version_id: "PolicyVersionId",
    },
    account: "AwsAccountId",
    iam_role_arn: "RoleArn",
    role_alias_arn: "RoleAliasArn",
  },
})

Options Hash (options):

  • :check_name (required, String)

    An audit check name. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

  • :resource_identifier (required, Types::ResourceIdentifier)

    Information that identifies the noncompliant resource.

Returns:

  • (Struct)

    Returns an empty response.

#delete_authorizer(options = {}) ⇒ Struct

Deletes an authorizer.

Examples:

Request syntax with placeholder values


resp = client.delete_authorizer({
  authorizer_name: "AuthorizerName", # required
})

Options Hash (options):

  • :authorizer_name (required, String)

    The name of the authorizer to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_billing_group(options = {}) ⇒ Struct

Deletes the billing group.

Examples:

Request syntax with placeholder values


resp = client.delete_billing_group({
  billing_group_name: "BillingGroupName", # required
  expected_version: 1,
})

Options Hash (options):

  • :billing_group_name (required, String)

    The name of the billing group.

  • :expected_version (Integer)

    The expected version of the billing group. If the version of the billing group does not match the expected version specified in the request, the DeleteBillingGroup request is rejected with a VersionConflictException.

Returns:

  • (Struct)

    Returns an empty response.

#delete_ca_certificate(options = {}) ⇒ Struct

Deletes a registered CA certificate.

Examples:

Request syntax with placeholder values


resp = client.delete_ca_certificate({
  certificate_id: "CertificateId", # required
})

Options Hash (options):

  • :certificate_id (required, String)

    The ID of the certificate to delete. (The last part of the certificate ARN contains the certificate ID.)

Returns:

  • (Struct)

    Returns an empty response.

#delete_certificate(options = {}) ⇒ Struct

Deletes the specified certificate.

A certificate cannot be deleted if it has a policy or IoT thing attached to it or if its status is set to ACTIVE. To delete a certificate, first use the DetachPrincipalPolicy API to detach all policies. Next, use the UpdateCertificate API to set the certificate to the INACTIVE status.

Examples:

Request syntax with placeholder values


resp = client.delete_certificate({
  certificate_id: "CertificateId", # required
  force_delete: false,
})

Options Hash (options):

  • :certificate_id (required, String)

    The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

  • :force_delete (Boolean)

    Forces the deletion of a certificate if it is inactive and is not attached to an IoT thing.

Returns:

  • (Struct)

    Returns an empty response.

#delete_dimension(options = {}) ⇒ Struct

Removes the specified dimension from your AWS account.

Examples:

Request syntax with placeholder values


resp = client.delete_dimension({
  name: "DimensionName", # required
})

Options Hash (options):

  • :name (required, String)

    The unique identifier for the dimension that you want to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_domain_configuration(options = {}) ⇒ Struct

Deletes the specified domain configuration.

The domain configuration feature is in public preview and is subject to change.

Examples:

Request syntax with placeholder values


resp = client.delete_domain_configuration({
  domain_configuration_name: "DomainConfigurationName", # required
})

Options Hash (options):

  • :domain_configuration_name (required, String)

    The name of the domain configuration to be deleted.

Returns:

  • (Struct)

    Returns an empty response.

#delete_dynamic_thing_group(options = {}) ⇒ Struct

Deletes a dynamic thing group.

Examples:

Request syntax with placeholder values


resp = client.delete_dynamic_thing_group({
  thing_group_name: "ThingGroupName", # required
  expected_version: 1,
})

Options Hash (options):

  • :thing_group_name (required, String)

    The name of the dynamic thing group to delete.

  • :expected_version (Integer)

    The expected version of the dynamic thing group to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_job(options = {}) ⇒ Struct

Deletes a job and its related job executions.

Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error.

Only 10 jobs may have status "DELETION_IN_PROGRESS" at the same time, or a LimitExceededException will occur.

Examples:

Request syntax with placeholder values


resp = client.delete_job({
  job_id: "JobId", # required
  force: false,
  namespace_id: "NamespaceId",
})

Options Hash (options):

  • :job_id (required, String)

    The ID of the job to be deleted.

    After a job deletion is completed, you may reuse this jobId when you create a new job. However, this is not recommended, and you must ensure that your devices are not using the jobId to refer to the deleted job.

  • :force (Boolean) — default: Optional

    When true, you can delete a job which is \"IN_PROGRESS\". Otherwise, you can only delete a job which is in a terminal state (\"COMPLETED\" or \"CANCELED\") or an exception will occur. The default is false.

    Deleting a job which is \"IN_PROGRESS\", will cause a device which is executing the job to be unable to access job information or update the job execution status. Use caution and ensure that each device executing a job which is deleted is able to recover to a valid state.

  • :namespace_id (String)

    The namespace used to indicate that a job is a customer-managed job.

    When you specify a value for this parameter, AWS IoT Core sends jobs notifications to MQTT topics that contain the value in the following format.

    $aws/things/THING_NAME/jobs/JOB_ID/notify-namespace-NAMESPACE_ID/

    The namespaceId feature is in public preview.

Returns:

  • (Struct)

    Returns an empty response.

#delete_job_execution(options = {}) ⇒ Struct

Deletes a job execution.

Examples:

Request syntax with placeholder values


resp = client.delete_job_execution({
  job_id: "JobId", # required
  thing_name: "ThingName", # required
  execution_number: 1, # required
  force: false,
  namespace_id: "NamespaceId",
})

Options Hash (options):

  • :job_id (required, String)

    The ID of the job whose execution on a particular device will be deleted.

  • :thing_name (required, String)

    The name of the thing whose job execution will be deleted.

  • :execution_number (required, Integer)

    The ID of the job execution to be deleted. The executionNumber refers to the execution of a particular job on a particular device.

    Note that once a job execution is deleted, the executionNumber may be reused by IoT, so be sure you get and use the correct value here.

  • :force (Boolean) — default: Optional

    When true, you can delete a job execution which is \"IN_PROGRESS\". Otherwise, you can only delete a job execution which is in a terminal state (\"SUCCEEDED\", \"FAILED\", \"REJECTED\", \"REMOVED\" or \"CANCELED\") or an exception will occur. The default is false.

    Deleting a job execution which is \"IN_PROGRESS\", will cause the device to be unable to access job information or update the job execution status. Use caution and ensure that the device is able to recover to a valid state.

  • :namespace_id (String)

    The namespace used to indicate that a job is a customer-managed job.

    When you specify a value for this parameter, AWS IoT Core sends jobs notifications to MQTT topics that contain the value in the following format.

    $aws/things/THING_NAME/jobs/JOB_ID/notify-namespace-NAMESPACE_ID/

    The namespaceId feature is in public preview.

Returns:

  • (Struct)

    Returns an empty response.

#delete_mitigation_action(options = {}) ⇒ Struct

Deletes a defined mitigation action from your AWS account.

Examples:

Request syntax with placeholder values


resp = client.delete_mitigation_action({
  action_name: "MitigationActionName", # required
})

Options Hash (options):

  • :action_name (required, String)

    The name of the mitigation action that you want to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_ota_update(options = {}) ⇒ Struct

Delete an OTA update.

Examples:

Request syntax with placeholder values


resp = client.delete_ota_update({
  ota_update_id: "OTAUpdateId", # required
  delete_stream: false,
  force_delete_aws_job: false,
})

Options Hash (options):

  • :ota_update_id (required, String)

    The ID of the OTA update to delete.

  • :delete_stream (Boolean)

    Specifies if the stream associated with an OTA update should be deleted when the OTA update is deleted.

  • :force_delete_aws_job (Boolean)

    Specifies if the AWS Job associated with the OTA update should be deleted when the OTA update is deleted.

Returns:

  • (Struct)

    Returns an empty response.

#delete_policy(options = {}) ⇒ Struct

Deletes the specified policy.

A policy cannot be deleted if it has non-default versions or it is attached to any certificate.

To delete a policy, use the DeletePolicyVersion API to delete all non-default versions of the policy; use the DetachPrincipalPolicy API to detach the policy from any certificate; and then use the DeletePolicy API to delete the policy.

When a policy is deleted using DeletePolicy, its default version is deleted with it.

Examples:

Request syntax with placeholder values


resp = client.delete_policy({
  policy_name: "PolicyName", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_policy_version(options = {}) ⇒ Struct

Deletes the specified version of the specified policy. You cannot delete the default version of a policy using this API. To delete the default version of a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

Examples:

Request syntax with placeholder values


resp = client.delete_policy_version({
  policy_name: "PolicyName", # required
  policy_version_id: "PolicyVersionId", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy.

  • :policy_version_id (required, String)

    The policy version ID.

Returns:

  • (Struct)

    Returns an empty response.

#delete_provisioning_template(options = {}) ⇒ Struct

Deletes a fleet provisioning template.

Examples:

Request syntax with placeholder values


resp = client.delete_provisioning_template({
  template_name: "TemplateName", # required
})

Options Hash (options):

  • :template_name (required, String)

    The name of the fleet provision template to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_provisioning_template_version(options = {}) ⇒ Struct

Deletes a fleet provisioning template version.

Examples:

Request syntax with placeholder values


resp = client.delete_provisioning_template_version({
  template_name: "TemplateName", # required
  version_id: 1, # required
})

Options Hash (options):

  • :template_name (required, String)

    The name of the fleet provisioning template version to delete.

  • :version_id (required, Integer)

    The fleet provisioning template version ID to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_registration_code(options = {}) ⇒ Struct

Deletes a CA certificate registration code.

Examples:

Request syntax with placeholder values


resp = client.delete_registration_code()

Returns:

  • (Struct)

    Returns an empty response.

#delete_role_alias(options = {}) ⇒ Struct

Deletes a role alias

Examples:

Request syntax with placeholder values


resp = client.delete_role_alias({
  role_alias: "RoleAlias", # required
})

Options Hash (options):

  • :role_alias (required, String)

    The role alias to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_scheduled_audit(options = {}) ⇒ Struct

Deletes a scheduled audit.

Examples:

Request syntax with placeholder values


resp = client.delete_scheduled_audit({
  scheduled_audit_name: "ScheduledAuditName", # required
})

Options Hash (options):

  • :scheduled_audit_name (required, String)

    The name of the scheduled audit you want to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_security_profile(options = {}) ⇒ Struct

Deletes a Device Defender security profile.

Examples:

Request syntax with placeholder values


resp = client.delete_security_profile({
  security_profile_name: "SecurityProfileName", # required
  expected_version: 1,
})

Options Hash (options):

  • :security_profile_name (required, String)

    The name of the security profile to be deleted.

  • :expected_version (Integer)

    The expected version of the security profile. A new version is generated whenever the security profile is updated. If you specify a value that is different from the actual version, a VersionConflictException is thrown.

Returns:

  • (Struct)

    Returns an empty response.

#delete_stream(options = {}) ⇒ Struct

Deletes a stream.

Examples:

Request syntax with placeholder values


resp = client.delete_stream({
  stream_id: "StreamId", # required
})

Options Hash (options):

  • :stream_id (required, String)

    The stream ID.

Returns:

  • (Struct)

    Returns an empty response.

#delete_thing(options = {}) ⇒ Struct

Deletes the specified thing. Returns successfully with no error if the deletion is successful or you specify a thing that doesn't exist.

Examples:

Request syntax with placeholder values


resp = client.delete_thing({
  thing_name: "ThingName", # required
  expected_version: 1,
})

Options Hash (options):

  • :thing_name (required, String)

    The name of the thing to delete.

  • :expected_version (Integer)

    The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the DeleteThing request is rejected with a VersionConflictException.

Returns:

  • (Struct)

    Returns an empty response.

#delete_thing_group(options = {}) ⇒ Struct

Deletes a thing group.

Examples:

Request syntax with placeholder values


resp = client.delete_thing_group({
  thing_group_name: "ThingGroupName", # required
  expected_version: 1,
})

Options Hash (options):

  • :thing_group_name (required, String)

    The name of the thing group to delete.

  • :expected_version (Integer)

    The expected version of the thing group to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_thing_type(options = {}) ⇒ Struct

Deletes the specified thing type. You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType, then remove any associated things by calling UpdateThing to change the thing type on any associated thing, and finally use DeleteThingType to delete the thing type.

Examples:

Request syntax with placeholder values


resp = client.delete_thing_type({
  thing_type_name: "ThingTypeName", # required
})

Options Hash (options):

  • :thing_type_name (required, String)

    The name of the thing type.

Returns:

  • (Struct)

    Returns an empty response.

#delete_topic_rule(options = {}) ⇒ Struct

Deletes the rule.

Examples:

Request syntax with placeholder values


resp = client.delete_topic_rule({
  rule_name: "RuleName", # required
})

Options Hash (options):

  • :rule_name (required, String)

    The name of the rule.

Returns:

  • (Struct)

    Returns an empty response.

#delete_topic_rule_destination(options = {}) ⇒ Struct

Deletes a topic rule destination.

Examples:

Request syntax with placeholder values


resp = client.delete_topic_rule_destination({
  arn: "AwsArn", # required
})

Options Hash (options):

  • :arn (required, String)

    The ARN of the topic rule destination to delete.

Returns:

  • (Struct)

    Returns an empty response.

#delete_v2_logging_level(options = {}) ⇒ Struct

Deletes a logging level.

Examples:

Request syntax with placeholder values


resp = client.delete_v2_logging_level({
  target_type: "DEFAULT", # required, accepts DEFAULT, THING_GROUP
  target_name: "LogTargetName", # required
})

Options Hash (options):

  • :target_type (required, String)

    The type of resource for which you are configuring logging. Must be THING_Group.

  • :target_name (required, String)

    The name of the resource for which you are configuring logging.

Returns:

  • (Struct)

    Returns an empty response.

#deprecate_thing_type(options = {}) ⇒ Struct

Deprecates a thing type. You can not associate new things with deprecated thing type.

Examples:

Request syntax with placeholder values


resp = client.deprecate_thing_type({
  thing_type_name: "ThingTypeName", # required
  undo_deprecate: false,
})

Options Hash (options):

  • :thing_type_name (required, String)

    The name of the thing type to deprecate.

  • :undo_deprecate (Boolean)

    Whether to undeprecate a deprecated thing type. If true, the thing type will not be deprecated anymore and you can associate it with things.

Returns:

  • (Struct)

    Returns an empty response.

#describe_account_audit_configuration(options = {}) ⇒ Types::DescribeAccountAuditConfigurationResponse

Gets information about the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.

Examples:

Request syntax with placeholder values


resp = client.()

Response structure


resp.role_arn #=> String
resp.audit_notification_target_configurations #=> Hash
resp.audit_notification_target_configurations["AuditNotificationType"].target_arn #=> String
resp.audit_notification_target_configurations["AuditNotificationType"].role_arn #=> String
resp.audit_notification_target_configurations["AuditNotificationType"].enabled #=> true/false
resp.audit_check_configurations #=> Hash
resp.audit_check_configurations["AuditCheckName"].enabled #=> true/false

Returns:

#describe_audit_finding(options = {}) ⇒ Types::DescribeAuditFindingResponse

Gets information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and when the audit that returned the finding was started.

Examples:

Request syntax with placeholder values


resp = client.describe_audit_finding({
  finding_id: "FindingId", # required
})

Response structure


resp.finding.finding_id #=> String
resp.finding.task_id #=> String
resp.finding.check_name #=> String
resp.finding.task_start_time #=> Time
resp.finding.finding_time #=> Time
resp.finding.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW"
resp.finding.non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
resp.finding.non_compliant_resource.resource_identifier.device_certificate_id #=> String
resp.finding.non_compliant_resource.resource_identifier.ca_certificate_id #=> String
resp.finding.non_compliant_resource.resource_identifier.cognito_identity_pool_id #=> String
resp.finding.non_compliant_resource.resource_identifier.client_id #=> String
resp.finding.non_compliant_resource.resource_identifier.policy_version_identifier.policy_name #=> String
resp.finding.non_compliant_resource.resource_identifier.policy_version_identifier.policy_version_id #=> String
resp.finding.non_compliant_resource.resource_identifier. #=> String
resp.finding.non_compliant_resource.resource_identifier.iam_role_arn #=> String
resp.finding.non_compliant_resource.resource_identifier.role_alias_arn #=> String
resp.finding.non_compliant_resource.additional_info #=> Hash
resp.finding.non_compliant_resource.additional_info["String"] #=> String
resp.finding.related_resources #=> Array
resp.finding.related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
resp.finding.related_resources[0].resource_identifier.device_certificate_id #=> String
resp.finding.related_resources[0].resource_identifier.ca_certificate_id #=> String
resp.finding.related_resources[0].resource_identifier.cognito_identity_pool_id #=> String
resp.finding.related_resources[0].resource_identifier.client_id #=> String
resp.finding.related_resources[0].resource_identifier.policy_version_identifier.policy_name #=> String
resp.finding.related_resources[0].resource_identifier.policy_version_identifier.policy_version_id #=> String
resp.finding.related_resources[0].resource_identifier. #=> String
resp.finding.related_resources[0].resource_identifier.iam_role_arn #=> String
resp.finding.related_resources[0].resource_identifier.role_alias_arn #=> String
resp.finding.related_resources[0].additional_info #=> Hash
resp.finding.related_resources[0].additional_info["String"] #=> String
resp.finding.reason_for_non_compliance #=> String
resp.finding.reason_for_non_compliance_code #=> String
resp.finding.is_suppressed #=> true/false

Options Hash (options):

  • :finding_id (required, String)

    A unique identifier for a single audit finding. You can use this identifier to apply mitigation actions to the finding.

Returns:

#describe_audit_mitigation_actions_task(options = {}) ⇒ Types::DescribeAuditMitigationActionsTaskResponse

Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings. Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics.

Examples:

Request syntax with placeholder values


resp = client.describe_audit_mitigation_actions_task({
  task_id: "AuditMitigationActionsTaskId", # required
})

Response structure


resp.task_status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED", "CANCELED"
resp.start_time #=> Time
resp.end_time #=> Time
resp.task_statistics #=> Hash
resp.task_statistics["AuditCheckName"].total_findings_count #=> Integer
resp.task_statistics["AuditCheckName"].failed_findings_count #=> Integer
resp.task_statistics["AuditCheckName"].succeeded_findings_count #=> Integer
resp.task_statistics["AuditCheckName"].skipped_findings_count #=> Integer
resp.task_statistics["AuditCheckName"].canceled_findings_count #=> Integer
resp.target.audit_task_id #=> String
resp.target.finding_ids #=> Array
resp.target.finding_ids[0] #=> String
resp.target.audit_check_to_reason_code_filter #=> Hash
resp.target.audit_check_to_reason_code_filter["AuditCheckName"] #=> Array
resp.target.audit_check_to_reason_code_filter["AuditCheckName"][0] #=> String
resp.audit_check_to_actions_mapping #=> Hash
resp.audit_check_to_actions_mapping["AuditCheckName"] #=> Array
resp.audit_check_to_actions_mapping["AuditCheckName"][0] #=> String
resp.actions_definition #=> Array
resp.actions_definition[0].name #=> String
resp.actions_definition[0].id #=> String
resp.actions_definition[0].role_arn #=> String
resp.actions_definition[0].action_params.update_device_certificate_params.action #=> String, one of "DEACTIVATE"
resp.actions_definition[0].action_params.update_ca_certificate_params.action #=> String, one of "DEACTIVATE"
resp.actions_definition[0].action_params.add_things_to_thing_group_params.thing_group_names #=> Array
resp.actions_definition[0].action_params.add_things_to_thing_group_params.thing_group_names[0] #=> String
resp.actions_definition[0].action_params.add_things_to_thing_group_params.override_dynamic_groups #=> true/false
resp.actions_definition[0].action_params.replace_default_policy_version_params.template_name #=> String, one of "BLANK_POLICY"
resp.actions_definition[0].action_params.enable_io_t_logging_params.role_arn_for_logging #=> String
resp.actions_definition[0].action_params.enable_io_t_logging_params.log_level #=> String, one of "DEBUG", "INFO", "ERROR", "WARN", "DISABLED"
resp.actions_definition[0].action_params.publish_finding_to_sns_params.topic_arn #=> String

Options Hash (options):

  • :task_id (required, String)

    The unique identifier for the audit mitigation task.

Returns:

#describe_audit_suppression(options = {}) ⇒ Types::DescribeAuditSuppressionResponse

Gets information about a Device Defender audit suppression.

Examples:

Request syntax with placeholder values


resp = client.describe_audit_suppression({
  check_name: "AuditCheckName", # required
  resource_identifier: { # required
    device_certificate_id: "CertificateId",
    ca_certificate_id: "CertificateId",
    cognito_identity_pool_id: "CognitoIdentityPoolId",
    client_id: "ClientId",
    policy_version_identifier: {
      policy_name: "PolicyName",
      policy_version_id: "PolicyVersionId",
    },
    account: "AwsAccountId",
    iam_role_arn: "RoleArn",
    role_alias_arn: "RoleAliasArn",
  },
})

Response structure


resp.check_name #=> String
resp.resource_identifier.device_certificate_id #=> String
resp.resource_identifier.ca_certificate_id #=> String
resp.resource_identifier.cognito_identity_pool_id #=> String
resp.resource_identifier.client_id #=> String
resp.resource_identifier.policy_version_identifier.policy_name #=> String
resp.resource_identifier.policy_version_identifier.policy_version_id #=> String
resp.resource_identifier. #=> String
resp.resource_identifier.iam_role_arn #=> String
resp.resource_identifier.role_alias_arn #=> String
resp.expiration_date #=> Time
resp.suppress_indefinitely #=> true/false
resp.description #=> String

Options Hash (options):

  • :check_name (required, String)

    An audit check name. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

  • :resource_identifier (required, Types::ResourceIdentifier)

    Information that identifies the noncompliant resource.

Returns:

#describe_audit_task(options = {}) ⇒ Types::DescribeAuditTaskResponse

Gets information about a Device Defender audit.

Examples:

Request syntax with placeholder values


resp = client.describe_audit_task({
  task_id: "AuditTaskId", # required
})

Response structure


resp.task_status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED", "CANCELED"
resp.task_type #=> String, one of "ON_DEMAND_AUDIT_TASK", "SCHEDULED_AUDIT_TASK"
resp.task_start_time #=> Time
resp.task_statistics.total_checks #=> Integer
resp.task_statistics.in_progress_checks #=> Integer
resp.task_statistics.waiting_for_data_collection_checks #=> Integer
resp.task_statistics.compliant_checks #=> Integer
resp.task_statistics.non_compliant_checks #=> Integer
resp.task_statistics.failed_checks #=> Integer
resp.task_statistics.canceled_checks #=> Integer
resp.scheduled_audit_name #=> String
resp.audit_details #=> Hash
resp.audit_details["AuditCheckName"].check_run_status #=> String, one of "IN_PROGRESS", "WAITING_FOR_DATA_COLLECTION", "CANCELED", "COMPLETED_COMPLIANT", "COMPLETED_NON_COMPLIANT", "FAILED"
resp.audit_details["AuditCheckName"].check_compliant #=> true/false
resp.audit_details["AuditCheckName"].total_resources_count #=> Integer
resp.audit_details["AuditCheckName"].non_compliant_resources_count #=> Integer
resp.audit_details["AuditCheckName"].suppressed_non_compliant_resources_count #=> Integer
resp.audit_details["AuditCheckName"].error_code #=> String
resp.audit_details["AuditCheckName"].message #=> String

Options Hash (options):

  • :task_id (required, String)

    The ID of the audit whose information you want to get.

Returns:

#describe_authorizer(options = {}) ⇒ Types::DescribeAuthorizerResponse

Describes an authorizer.

Examples:

Request syntax with placeholder values


resp = client.describe_authorizer({
  authorizer_name: "AuthorizerName", # required
})

Response structure


resp.authorizer_description.authorizer_name #=> String
resp.authorizer_description.authorizer_arn #=> String
resp.authorizer_description.authorizer_function_arn #=> String
resp.authorizer_description.token_key_name #=> String
resp.authorizer_description.token_signing_public_keys #=> Hash
resp.authorizer_description.token_signing_public_keys["KeyName"] #=> String
resp.authorizer_description.status #=> String, one of "ACTIVE", "INACTIVE"
resp.authorizer_description.creation_date #=> Time
resp.authorizer_description.last_modified_date #=> Time
resp.authorizer_description.signing_disabled #=> true/false

Options Hash (options):

  • :authorizer_name (required, String)

    The name of the authorizer to describe.

Returns:

#describe_billing_group(options = {}) ⇒ Types::DescribeBillingGroupResponse

Returns information about a billing group.

Examples:

Request syntax with placeholder values


resp = client.describe_billing_group({
  billing_group_name: "BillingGroupName", # required
})

Response structure


resp.billing_group_name #=> String
resp.billing_group_id #=> String
resp.billing_group_arn #=> String
resp.version #=> Integer
resp.billing_group_properties.billing_group_description #=> String
resp..creation_date #=> Time

Options Hash (options):

  • :billing_group_name (required, String)

    The name of the billing group.

Returns:

#describe_ca_certificate(options = {}) ⇒ Types::DescribeCACertificateResponse

Describes a registered CA certificate.

Examples:

Request syntax with placeholder values


resp = client.describe_ca_certificate({
  certificate_id: "CertificateId", # required
})

Response structure


resp.certificate_description.certificate_arn #=> String
resp.certificate_description.certificate_id #=> String
resp.certificate_description.status #=> String, one of "ACTIVE", "INACTIVE"
resp.certificate_description.certificate_pem #=> String
resp.certificate_description.owned_by #=> String
resp.certificate_description.creation_date #=> Time
resp.certificate_description.auto_registration_status #=> String, one of "ENABLE", "DISABLE"
resp.certificate_description.last_modified_date #=> Time
resp.certificate_description.customer_version #=> Integer
resp.certificate_description.generation_id #=> String
resp.certificate_description.validity.not_before #=> Time
resp.certificate_description.validity.not_after #=> Time
resp.registration_config.template_body #=> String
resp.registration_config.role_arn #=> String

Options Hash (options):

  • :certificate_id (required, String)

    The CA certificate identifier.

Returns:

#describe_certificate(options = {}) ⇒ Types::DescribeCertificateResponse

Gets information about the specified certificate.

Examples:

Request syntax with placeholder values


resp = client.describe_certificate({
  certificate_id: "CertificateId", # required
})

Response structure


resp.certificate_description.certificate_arn #=> String
resp.certificate_description.certificate_id #=> String
resp.certificate_description.ca_certificate_id #=> String
resp.certificate_description.status #=> String, one of "ACTIVE", "INACTIVE", "REVOKED", "PENDING_TRANSFER", "REGISTER_INACTIVE", "PENDING_ACTIVATION"
resp.certificate_description.certificate_pem #=> String
resp.certificate_description.owned_by #=> String
resp.certificate_description.previous_owned_by #=> String
resp.certificate_description.creation_date #=> Time
resp.certificate_description.last_modified_date #=> Time
resp.certificate_description.customer_version #=> Integer
resp.certificate_description.transfer_data.transfer_message #=> String
resp.certificate_description.transfer_data.reject_reason #=> String
resp.certificate_description.transfer_data.transfer_date #=> Time
resp.certificate_description.transfer_data.accept_date #=> Time
resp.certificate_description.transfer_data.reject_date #=> Time
resp.certificate_description.generation_id #=> String
resp.certificate_description.validity.not_before #=> Time
resp.certificate_description.validity.not_after #=> Time
resp.certificate_description.certificate_mode #=> String, one of "DEFAULT", "SNI_ONLY"

Options Hash (options):

  • :certificate_id (required, String)

    The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

Returns:

#describe_default_authorizer(options = {}) ⇒ Types::DescribeDefaultAuthorizerResponse

Describes the default authorizer.

Examples:

Request syntax with placeholder values


resp = client.describe_default_authorizer()

Response structure


resp.authorizer_description.authorizer_name #=> String
resp.authorizer_description.authorizer_arn #=> String
resp.authorizer_description.authorizer_function_arn #=> String
resp.authorizer_description.token_key_name #=> String
resp.authorizer_description.token_signing_public_keys #=> Hash
resp.authorizer_description.token_signing_public_keys["KeyName"] #=> String
resp.authorizer_description.status #=> String, one of "ACTIVE", "INACTIVE"
resp.authorizer_description.creation_date #=> Time
resp.authorizer_description.last_modified_date #=> Time
resp.authorizer_description.signing_disabled #=> true/false

Returns:

#describe_dimension(options = {}) ⇒ Types::DescribeDimensionResponse

Provides details about a dimension that is defined in your AWS account.

Examples:

Request syntax with placeholder values


resp = client.describe_dimension({
  name: "DimensionName", # required
})

Response structure


resp.name #=> String
resp.arn #=> String
resp.type #=> String, one of "TOPIC_FILTER"
resp.string_values #=> Array
resp.string_values[0] #=> String
resp.creation_date #=> Time
resp.last_modified_date #=> Time

Options Hash (options):

  • :name (required, String)

    The unique identifier for the dimension.

Returns:

#describe_domain_configuration(options = {}) ⇒ Types::DescribeDomainConfigurationResponse

Gets summary information about a domain configuration.

The domain configuration feature is in public preview and is subject to change.

Examples:

Request syntax with placeholder values


resp = client.describe_domain_configuration({
  domain_configuration_name: "ReservedDomainConfigurationName", # required
})

Response structure


resp.domain_configuration_name #=> String
resp.domain_configuration_arn #=> String
resp.domain_name #=> String
resp.server_certificates #=> Array
resp.server_certificates[0].server_certificate_arn #=> String
resp.server_certificates[0].server_certificate_status #=> String, one of "INVALID", "VALID"
resp.server_certificates[0].server_certificate_status_detail #=> String
resp.authorizer_config.default_authorizer_name #=> String
resp.authorizer_config.allow_authorizer_override #=> true/false
resp.domain_configuration_status #=> String, one of "ENABLED", "DISABLED"
resp.service_type #=> String, one of "DATA", "CREDENTIAL_PROVIDER", "JOBS"
resp.domain_type #=> String, one of "ENDPOINT", "AWS_MANAGED", "CUSTOMER_MANAGED"
resp.last_status_change_date #=> Time

Options Hash (options):

  • :domain_configuration_name (required, String)

    The name of the domain configuration.

Returns:

#describe_endpoint(options = {}) ⇒ Types::DescribeEndpointResponse

Returns a unique endpoint specific to the AWS account making the call.

Examples:

Request syntax with placeholder values


resp = client.describe_endpoint({
  endpoint_type: "EndpointType",
})

Response structure


resp.endpoint_address #=> String

Options Hash (options):

  • :endpoint_type (String)

    The endpoint type. Valid endpoint types include:

    • iot:Data - Returns a VeriSign signed data endpoint.

    ^ ^

    • iot:Data-ATS - Returns an ATS signed data endpoint.

    ^ ^

    • iot:CredentialProvider - Returns an AWS IoT credentials provider API endpoint.

    ^ ^

    • iot:Jobs - Returns an AWS IoT device management Jobs API endpoint.

    ^

    We strongly recommend that customers use the newer iot:Data-ATS endpoint type to avoid issues related to the widespread distrust of Symantec certificate authorities.

Returns:

#describe_event_configurations(options = {}) ⇒ Types::DescribeEventConfigurationsResponse

Describes event configurations.

Examples:

Request syntax with placeholder values


resp = client.describe_event_configurations()

Response structure


resp.event_configurations #=> Hash
resp.event_configurations["EventType"].enabled #=> true/false
resp.creation_date #=> Time
resp.last_modified_date #=> Time

Returns:

#describe_index(options = {}) ⇒ Types::DescribeIndexResponse

Describes a search index.

Examples:

Request syntax with placeholder values


resp = client.describe_index({
  index_name: "IndexName", # required
})

Response structure


resp.index_name #=> String
resp.index_status #=> String, one of "ACTIVE", "BUILDING", "REBUILDING"
resp.schema #=> String

Options Hash (options):

  • :index_name (required, String)

    The index name.

Returns:

#describe_job(options = {}) ⇒ Types::DescribeJobResponse

Describes a job.

Examples:

Request syntax with placeholder values


resp = client.describe_job({
  job_id: "JobId", # required
})

Response structure


resp.document_source #=> String
resp.job.job_arn #=> String
resp.job.job_id #=> String
resp.job.target_selection #=> String, one of "CONTINUOUS", "SNAPSHOT"
resp.job.status #=> String, one of "IN_PROGRESS", "CANCELED", "COMPLETED", "DELETION_IN_PROGRESS"
resp.job.force_canceled #=> true/false
resp.job.reason_code #=> String
resp.job.comment #=> String
resp.job.targets #=> Array
resp.job.targets[0] #=> String
resp.job.description #=> String
resp.job.presigned_url_config.role_arn #=> String
resp.job.presigned_url_config.expires_in_sec #=> Integer
resp.job.job_executions_rollout_config.maximum_per_minute #=> Integer
resp.job.job_executions_rollout_config.exponential_rate.base_rate_per_minute #=> Integer
resp.job.job_executions_rollout_config.exponential_rate.increment_factor #=> Float
resp.job.job_executions_rollout_config.exponential_rate.rate_increase_criteria.number_of_notified_things #=> Integer
resp.job.job_executions_rollout_config.exponential_rate.rate_increase_criteria.number_of_succeeded_things #=> Integer
resp.job.abort_config.criteria_list #=> Array
resp.job.abort_config.criteria_list[0].failure_type #=> String, one of "FAILED", "REJECTED", "TIMED_OUT", "ALL"
resp.job.abort_config.criteria_list[0].action #=> String, one of "CANCEL"
resp.job.abort_config.criteria_list[0].threshold_percentage #=> Float
resp.job.abort_config.criteria_list[0].min_number_of_executed_things #=> Integer
resp.job.created_at #=> Time
resp.job.last_updated_at #=> Time
resp.job.completed_at #=> Time
resp.job.job_process_details.processing_targets #=> Array
resp.job.job_process_details.processing_targets[0] #=> String
resp.job.job_process_details.number_of_canceled_things #=> Integer
resp.job.job_process_details.number_of_succeeded_things #=> Integer
resp.job.job_process_details.number_of_failed_things #=> Integer
resp.job.job_process_details.number_of_rejected_things #=> Integer
resp.job.job_process_details.number_of_queued_things #=> Integer
resp.job.job_process_details.number_of_in_progress_things #=> Integer
resp.job.job_process_details.number_of_removed_things #=> Integer
resp.job.job_process_details.number_of_timed_out_things #=> Integer
resp.job.timeout_config.in_progress_timeout_in_minutes #=> Integer
resp.job.namespace_id #=> String

Options Hash (options):

  • :job_id (required, String)

    The unique identifier you assigned to this job when it was created.

Returns:

#describe_job_execution(options = {}) ⇒ Types::DescribeJobExecutionResponse

Describes a job execution.

Examples:

Request syntax with placeholder values


resp = client.describe_job_execution({
  job_id: "JobId", # required
  thing_name: "ThingName", # required
  execution_number: 1,
})

Response structure


resp.execution.job_id #=> String
resp.execution.status #=> String, one of "QUEUED", "IN_PROGRESS", "SUCCEEDED", "FAILED", "TIMED_OUT", "REJECTED", "REMOVED", "CANCELED"
resp.execution.force_canceled #=> true/false
resp.execution.status_details.details_map #=> Hash
resp.execution.status_details.details_map["DetailsKey"] #=> String
resp.execution.thing_arn #=> String
resp.execution.queued_at #=> Time
resp.execution.started_at #=> Time
resp.execution.last_updated_at #=> Time
resp.execution.execution_number #=> Integer
resp.execution.version_number #=> Integer
resp.execution.approximate_seconds_before_timed_out #=> Integer

Options Hash (options):

  • :job_id (required, String)

    The unique identifier you assigned to this job when it was created.

  • :thing_name (required, String)

    The name of the thing on which the job execution is running.

  • :execution_number (Integer)

    A string (consisting of the digits \"0\" through \"9\" which is used to specify a particular job execution on a particular device.

Returns:

#describe_mitigation_action(options = {}) ⇒ Types::DescribeMitigationActionResponse

Gets information about a mitigation action.

Examples:

Request syntax with placeholder values


resp = client.describe_mitigation_action({
  action_name: "MitigationActionName", # required
})

Response structure


resp.action_name #=> String
resp.action_type #=> String, one of "UPDATE_DEVICE_CERTIFICATE", "UPDATE_CA_CERTIFICATE", "ADD_THINGS_TO_THING_GROUP", "REPLACE_DEFAULT_POLICY_VERSION", "ENABLE_IOT_LOGGING", "PUBLISH_FINDING_TO_SNS"
resp.action_arn #=> String
resp.action_id #=> String
resp.role_arn #=> String
resp.action_params.update_device_certificate_params.action #=> String, one of "DEACTIVATE"
resp.action_params.update_ca_certificate_params.action #=> String, one of "DEACTIVATE"
resp.action_params.add_things_to_thing_group_params.thing_group_names #=> Array
resp.action_params.add_things_to_thing_group_params.thing_group_names[0] #=> String
resp.action_params.add_things_to_thing_group_params.override_dynamic_groups #=> true/false
resp.action_params.replace_default_policy_version_params.template_name #=> String, one of "BLANK_POLICY"
resp.action_params.enable_io_t_logging_params.role_arn_for_logging #=> String
resp.action_params.enable_io_t_logging_params.log_level #=> String, one of "DEBUG", "INFO", "ERROR", "WARN", "DISABLED"
resp.action_params.publish_finding_to_sns_params.topic_arn #=> String
resp.creation_date #=> Time
resp.last_modified_date #=> Time

Options Hash (options):

  • :action_name (required, String)

    The friendly name that uniquely identifies the mitigation action.

Returns:

#describe_provisioning_template(options = {}) ⇒ Types::DescribeProvisioningTemplateResponse

Returns information about a fleet provisioning template.

Examples:

Request syntax with placeholder values


resp = client.describe_provisioning_template({
  template_name: "TemplateName", # required
})

Response structure


resp.template_arn #=> String
resp.template_name #=> String
resp.description #=> String
resp.creation_date #=> Time
resp.last_modified_date #=> Time
resp.default_version_id #=> Integer
resp.template_body #=> String
resp.enabled #=> true/false
resp.provisioning_role_arn #=> String
resp.pre_provisioning_hook.payload_version #=> String
resp.pre_provisioning_hook.target_arn #=> String

Options Hash (options):

  • :template_name (required, String)

    The name of the fleet provisioning template.

Returns:

#describe_provisioning_template_version(options = {}) ⇒ Types::DescribeProvisioningTemplateVersionResponse

Returns information about a fleet provisioning template version.

Examples:

Request syntax with placeholder values


resp = client.describe_provisioning_template_version({
  template_name: "TemplateName", # required
  version_id: 1, # required
})

Response structure


resp.version_id #=> Integer
resp.creation_date #=> Time
resp.template_body #=> String
resp.is_default_version #=> true/false

Options Hash (options):

  • :template_name (required, String)

    The template name.

  • :version_id (required, Integer)

    The fleet provisioning template version ID.

Returns:

#describe_role_alias(options = {}) ⇒ Types::DescribeRoleAliasResponse

Describes a role alias.

Examples:

Request syntax with placeholder values


resp = client.describe_role_alias({
  role_alias: "RoleAlias", # required
})

Response structure


resp.role_alias_description.role_alias #=> String
resp.role_alias_description.role_alias_arn #=> String
resp.role_alias_description.role_arn #=> String
resp.role_alias_description.owner #=> String
resp.role_alias_description.credential_duration_seconds #=> Integer
resp.role_alias_description.creation_date #=> Time
resp.role_alias_description.last_modified_date #=> Time

Options Hash (options):

  • :role_alias (required, String)

    The role alias to describe.

Returns:

#describe_scheduled_audit(options = {}) ⇒ Types::DescribeScheduledAuditResponse

Gets information about a scheduled audit.

Examples:

Request syntax with placeholder values


resp = client.describe_scheduled_audit({
  scheduled_audit_name: "ScheduledAuditName", # required
})

Response structure


resp.frequency #=> String, one of "DAILY", "WEEKLY", "BIWEEKLY", "MONTHLY"
resp.day_of_month #=> String
resp.day_of_week #=> String, one of "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT"
resp.target_check_names #=> Array
resp.target_check_names[0] #=> String
resp.scheduled_audit_name #=> String
resp.scheduled_audit_arn #=> String

Options Hash (options):

  • :scheduled_audit_name (required, String)

    The name of the scheduled audit whose information you want to get.

Returns:

#describe_security_profile(options = {}) ⇒ Types::DescribeSecurityProfileResponse

Gets information about a Device Defender security profile.

Examples:

Request syntax with placeholder values


resp = client.describe_security_profile({
  security_profile_name: "SecurityProfileName", # required
})

Response structure


resp.security_profile_name #=> String
resp.security_profile_arn #=> String
resp.security_profile_description #=> String
resp.behaviors #=> Array
resp.behaviors[0].name #=> String
resp.behaviors[0].metric #=> String
resp.behaviors[0].metric_dimension.dimension_name #=> String
resp.behaviors[0].metric_dimension.operator #=> String, one of "IN", "NOT_IN"
resp.behaviors[0].criteria.comparison_operator #=> String, one of "less-than", "less-than-equals", "greater-than", "greater-than-equals", "in-cidr-set", "not-in-cidr-set", "in-port-set", "not-in-port-set"
resp.behaviors[0].criteria.value.count #=> Integer
resp.behaviors[0].criteria.value.cidrs #=> Array
resp.behaviors[0].criteria.value.cidrs[0] #=> String
resp.behaviors[0].criteria.value.ports #=> Array
resp.behaviors[0].criteria.value.ports[0] #=> Integer
resp.behaviors[0].criteria.duration_seconds #=> Integer
resp.behaviors[0].criteria.consecutive_datapoints_to_alarm #=> Integer
resp.behaviors[0].criteria.consecutive_datapoints_to_clear #=> Integer
resp.behaviors[0].criteria.statistical_threshold.statistic #=> String
resp.alert_targets #=> Hash
resp.alert_targets["AlertTargetType"].alert_target_arn #=> String
resp.alert_targets["AlertTargetType"].role_arn #=> String
resp.additional_metrics_to_retain #=> Array
resp.additional_metrics_to_retain[0] #=> String
resp.additional_metrics_to_retain_v2 #=> Array
resp.additional_metrics_to_retain_v2[0].metric #=> String
resp.additional_metrics_to_retain_v2[0].metric_dimension.dimension_name #=> String
resp.additional_metrics_to_retain_v2[0].metric_dimension.operator #=> String, one of "IN", "NOT_IN"
resp.version #=> Integer
resp.creation_date #=> Time
resp.last_modified_date #=> Time

Options Hash (options):

  • :security_profile_name (required, String)

    The name of the security profile whose information you want to get.

Returns:

#describe_stream(options = {}) ⇒ Types::DescribeStreamResponse

Gets information about a stream.

Examples:

Request syntax with placeholder values


resp = client.describe_stream({
  stream_id: "StreamId", # required
})

Response structure


resp.stream_info.stream_id #=> String
resp.stream_info.stream_arn #=> String
resp.stream_info.stream_version #=> Integer
resp.stream_info.description #=> String
resp.stream_info.files #=> Array
resp.stream_info.files[0].file_id #=> Integer
resp.stream_info.files[0].s3_location.bucket #=> String
resp.stream_info.files[0].s3_location.key #=> String
resp.stream_info.files[0].s3_location.version #=> String
resp.stream_info.created_at #=> Time
resp.stream_info.last_updated_at #=> Time
resp.stream_info.role_arn #=> String

Options Hash (options):

  • :stream_id (required, String)

    The stream ID.

Returns:

#describe_thing(options = {}) ⇒ Types::DescribeThingResponse

Gets information about the specified thing.

Examples:

Request syntax with placeholder values


resp = client.describe_thing({
  thing_name: "ThingName", # required
})

Response structure


resp.default_client_id #=> String
resp.thing_name #=> String
resp.thing_id #=> String
resp.thing_arn #=> String
resp.thing_type_name #=> String
resp.attributes #=> Hash
resp.attributes["AttributeName"] #=> <Hash,Array,String,Numeric,Boolean,IO,Set,nil>
resp.version #=> Integer
resp.billing_group_name #=> String

Options Hash (options):

  • :thing_name (required, String)

    The name of the thing.

Returns:

#describe_thing_group(options = {}) ⇒ Types::DescribeThingGroupResponse

Describe a thing group.

Examples:

Request syntax with placeholder values


resp = client.describe_thing_group({
  thing_group_name: "ThingGroupName", # required
})

Response structure


resp.thing_group_name #=> String
resp.thing_group_id #=> String
resp.thing_group_arn #=> String
resp.version #=> Integer
resp.thing_group_properties.thing_group_description #=> String
resp.thing_group_properties.attribute_payload.attributes #=> Hash
resp.thing_group_properties.attribute_payload.attributes["AttributeName"] #=> <Hash,Array,String,Numeric,Boolean,IO,Set,nil>
resp.thing_group_properties.attribute_payload.merge #=> true/false
resp..parent_group_name #=> String
resp..root_to_parent_thing_groups #=> Array
resp..root_to_parent_thing_groups[0].group_name #=> String
resp..root_to_parent_thing_groups[0].group_arn #=> String
resp..creation_date #=> Time
resp.index_name #=> String
resp.query_string #=> String
resp.query_version #=> String
resp.status #=> String, one of "ACTIVE", "BUILDING", "REBUILDING"

Options Hash (options):

  • :thing_group_name (required, String)

    The name of the thing group.

Returns:

#describe_thing_registration_task(options = {}) ⇒ Types::DescribeThingRegistrationTaskResponse

Describes a bulk thing provisioning task.

Examples:

Request syntax with placeholder values


resp = client.describe_thing_registration_task({
  task_id: "TaskId", # required
})

Response structure


resp.task_id #=> String
resp.creation_date #=> Time
resp.last_modified_date #=> Time
resp.template_body #=> String
resp.input_file_bucket #=> String
resp.input_file_key #=> String
resp.role_arn #=> String
resp.status #=> String, one of "InProgress", "Completed", "Failed", "Cancelled", "Cancelling"
resp.message #=> String
resp.success_count #=> Integer
resp.failure_count #=> Integer
resp.percentage_progress #=> Integer

Options Hash (options):

  • :task_id (required, String)

    The task ID.

Returns:

#describe_thing_type(options = {}) ⇒ Types::DescribeThingTypeResponse

Gets information about the specified thing type.

Examples:

Request syntax with placeholder values


resp = client.describe_thing_type({
  thing_type_name: "ThingTypeName", # required
})

Response structure


resp.thing_type_name #=> String
resp.thing_type_id #=> String
resp.thing_type_arn #=> String
resp.thing_type_properties.thing_type_description #=> String
resp.thing_type_properties.searchable_attributes #=> Array
resp.thing_type_properties.searchable_attributes[0] #=> String
resp..deprecated #=> true/false
resp..deprecation_date #=> Time
resp..creation_date #=> Time

Options Hash (options):

  • :thing_type_name (required, String)

    The name of the thing type.

Returns:

#detach_policy(options = {}) ⇒ Struct

Detaches a policy from the specified target.

Examples:

Request syntax with placeholder values


resp = client.detach_policy({
  policy_name: "PolicyName", # required
  target: "PolicyTarget", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The policy to detach.

  • :target (required, String)

    The target from which the policy will be detached.

Returns:

  • (Struct)

    Returns an empty response.

#detach_principal_policy(options = {}) ⇒ Struct

Removes the specified policy from the specified certificate.

Note: This API is deprecated. Please use DetachPolicy instead.

Examples:

Request syntax with placeholder values


resp = client.detach_principal_policy({
  policy_name: "PolicyName", # required
  principal: "Principal", # required
})

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy to detach.

  • :principal (required, String)

    The principal.

    Valid principals are CertificateArn (arn:aws:iot:region:accountId:cert/certificateId), thingGroupArn (arn:aws:iot:region:accountId:thinggroup/groupName) and CognitoId (region:id).

Returns:

  • (Struct)

    Returns an empty response.

#detach_security_profile(options = {}) ⇒ Struct

Disassociates a Device Defender security profile from a thing group or from this account.

Examples:

Request syntax with placeholder values


resp = client.detach_security_profile({
  security_profile_name: "SecurityProfileName", # required
  security_profile_target_arn: "SecurityProfileTargetArn", # required
})

Options Hash (options):

  • :security_profile_name (required, String)

    The security profile that is detached.

  • :security_profile_target_arn (required, String)

    The ARN of the thing group from which the security profile is detached.

Returns:

  • (Struct)

    Returns an empty response.

#detach_thing_principal(options = {}) ⇒ Struct

Detaches the specified principal from the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

This call is asynchronous. It might take several seconds for the detachment to propagate.

Examples:

Request syntax with placeholder values


resp = client.detach_thing_principal({
  thing_name: "ThingName", # required
  principal: "Principal", # required
})

Options Hash (options):

  • :thing_name (required, String)

    The name of the thing.

  • :principal (required, String)

    If the principal is a certificate, this value must be ARN of the certificate. If the principal is an Amazon Cognito identity, this value must be the ID of the Amazon Cognito identity.

Returns:

  • (Struct)

    Returns an empty response.

#disable_topic_rule(options = {}) ⇒ Struct

Disables the rule.

Examples:

Request syntax with placeholder values


resp = client.disable_topic_rule({
  rule_name: "RuleName", # required
})

Options Hash (options):

  • :rule_name (required, String)

    The name of the rule to disable.

Returns:

  • (Struct)

    Returns an empty response.

#enable_topic_rule(options = {}) ⇒ Struct

Enables the rule.

Examples:

Request syntax with placeholder values


resp = client.enable_topic_rule({
  rule_name: "RuleName", # required
})

Options Hash (options):

  • :rule_name (required, String)

    The name of the topic rule to enable.

Returns:

  • (Struct)

    Returns an empty response.

#get_cardinality(options = {}) ⇒ Types::GetCardinalityResponse

Returns the approximate count of unique values that match the query.

Examples:

Request syntax with placeholder values


resp = client.get_cardinality({
  index_name: "IndexName",
  query_string: "QueryString", # required
  aggregation_field: "AggregationField",
  query_version: "QueryVersion",
})

Response structure


resp.cardinality #=> Integer

Options Hash (options):

  • :index_name (String)

    The name of the index to search.

  • :query_string (required, String)

    The search query.

  • :aggregation_field (String)

    The field to aggregate.

  • :query_version (String)

    The query version.

Returns:

#get_effective_policies(options = {}) ⇒ Types::GetEffectivePoliciesResponse

Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.

Examples:

Request syntax with placeholder values


resp = client.get_effective_policies({
  principal: "Principal",
  cognito_identity_pool_id: "CognitoIdentityPoolId",
  thing_name: "ThingName",
})

Response structure


resp.effective_policies #=> Array
resp.effective_policies[0].policy_name #=> String
resp.effective_policies[0].policy_arn #=> String
resp.effective_policies[0].policy_document #=> String

Options Hash (options):

  • :principal (String)

    The principal. Valid principals are CertificateArn (arn:aws:iot:region:accountId:cert/certificateId), thingGroupArn (arn:aws:iot:region:accountId:thinggroup/groupName) and CognitoId (region:id).

  • :cognito_identity_pool_id (String)

    The Cognito identity pool ID.

  • :thing_name (String)

    The thing name.

Returns:

#get_indexing_configuration(options = {}) ⇒ Types::GetIndexingConfigurationResponse

Gets the indexing configuration.

Examples:

Request syntax with placeholder values


resp = client.get_indexing_configuration()

Response structure


resp.thing_indexing_configuration.thing_indexing_mode #=> String, one of "OFF", "REGISTRY", "REGISTRY_AND_SHADOW"
resp.thing_indexing_configuration.thing_connectivity_indexing_mode #=> String, one of "OFF", "STATUS"
resp.thing_indexing_configuration.managed_fields #=> Array
resp.thing_indexing_configuration.managed_fields[0].name #=> String
resp.thing_indexing_configuration.managed_fields[0].type #=> String, one of "Number", "String", "Boolean"
resp.thing_indexing_configuration.custom_fields #=> Array
resp.thing_indexing_configuration.custom_fields[0].name #=> String
resp.thing_indexing_configuration.custom_fields[0].type #=> String, one of "Number", "String", "Boolean"
resp.thing_group_indexing_configuration.thing_group_indexing_mode #=> String, one of "OFF", "ON"
resp.thing_group_indexing_configuration.managed_fields #=> Array
resp.thing_group_indexing_configuration.managed_fields[0].name #=> String
resp.thing_group_indexing_configuration.managed_fields[0].type #=> String, one of "Number", "String", "Boolean"
resp.thing_group_indexing_configuration.custom_fields #=> Array
resp.thing_group_indexing_configuration.custom_fields[0].name #=> String
resp.thing_group_indexing_configuration.custom_fields[0].type #=> String, one of "Number", "String", "Boolean"

Returns:

#get_job_document(options = {}) ⇒ Types::GetJobDocumentResponse

Gets a job document.

Examples:

Request syntax with placeholder values


resp = client.get_job_document({
  job_id: "JobId", # required
})

Response structure


resp.document #=> String

Options Hash (options):

  • :job_id (required, String)

    The unique identifier you assigned to this job when it was created.

Returns:

#get_logging_options(options = {}) ⇒ Types::GetLoggingOptionsResponse

Gets the logging options.

NOTE: use of this command is not recommended. Use GetV2LoggingOptions instead.

Examples:

Request syntax with placeholder values


resp = client.get_logging_options()

Response structure


resp.role_arn #=> String
resp.log_level #=> String, one of "DEBUG", "INFO", "ERROR", "WARN", "DISABLED"

Returns:

#get_ota_update(options = {}) ⇒ Types::GetOTAUpdateResponse

Gets an OTA update.

Examples:

Request syntax with placeholder values


resp = client.get_ota_update({
  ota_update_id: "OTAUpdateId", # required
})

Response structure


resp.ota_update_info.ota_update_id #=> String
resp.ota_update_info.ota_update_arn #=> String
resp.ota_update_info.creation_date #=> Time
resp.ota_update_info.last_modified_date #=> Time
resp.ota_update_info.description #=> String
resp.ota_update_info.targets #=> Array
resp.ota_update_info.targets[0] #=> String
resp.ota_update_info.protocols #=> Array
resp.ota_update_info.protocols[0] #=> String, one of "MQTT", "HTTP"
resp.ota_update_info.aws_job_executions_rollout_config.maximum_per_minute #=> Integer
resp.ota_update_info.aws_job_executions_rollout_config.exponential_rate.base_rate_per_minute #=> Integer
resp.ota_update_info.aws_job_executions_rollout_config.exponential_rate.increment_factor #=> Float
resp.ota_update_info.aws_job_executions_rollout_config.exponential_rate.rate_increase_criteria.number_of_notified_things #=> Integer
resp.ota_update_info.aws_job_executions_rollout_config.exponential_rate.rate_increase_criteria.number_of_succeeded_things #=> Integer
resp.ota_update_info.aws_job_presigned_url_config.expires_in_sec #=> Integer
resp.ota_update_info.target_selection #=> String, one of "CONTINUOUS", "SNAPSHOT"
resp.ota_update_info.ota_update_files #=> Array
resp.ota_update_info.ota_update_files[0].file_name #=> String
resp.ota_update_info.ota_update_files[0].file_version #=> String
resp.ota_update_info.ota_update_files[0].file_location.stream.stream_id #=> String
resp.ota_update_info.ota_update_files[0].file_location.stream.file_id #=> Integer
resp.ota_update_info.ota_update_files[0].file_location.s3_location.bucket #=> String
resp.ota_update_info.ota_update_files[0].file_location.s3_location.key #=> String
resp.ota_update_info.ota_update_files[0].file_location.s3_location.version #=> String
resp.ota_update_info.ota_update_files[0].code_signing.aws_signer_job_id #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.signing_profile_parameter.certificate_arn #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.signing_profile_parameter.platform #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.signing_profile_parameter.certificate_path_on_device #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.signing_profile_name #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.destination.s3_destination.bucket #=> String
resp.ota_update_info.ota_update_files[0].code_signing.start_signing_job_parameter.destination.s3_destination.prefix #=> String
resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.signature.inline_document #=> IO
resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.certificate_chain.certificate_name #=> String
resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.certificate_chain.inline_document #=> String
resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.hash_algorithm #=> String
resp.ota_update_info.ota_update_files[0].code_signing.custom_code_signing.signature_algorithm #=> String
resp.ota_update_info.ota_update_files[0].attributes #=> Hash
resp.ota_update_info.ota_update_files[0].attributes["AttributeKey"] #=> String
resp.ota_update_info.ota_update_status #=> String, one of "CREATE_PENDING", "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "CREATE_FAILED"
resp.ota_update_info.aws_iot_job_id #=> String
resp.ota_update_info.aws_iot_job_arn #=> String
resp.ota_update_info.error_info.code #=> String
resp.ota_update_info.error_info.message #=> String
resp.ota_update_info.additional_parameters #=> Hash
resp.ota_update_info.additional_parameters["AttributeKey"] #=> String

Options Hash (options):

  • :ota_update_id (required, String)

    The OTA update ID.

Returns:

#get_percentiles(options = {}) ⇒ Types::GetPercentilesResponse

Groups the aggregated values that match the query into percentile groupings. The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group "1" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group "5" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values.

Examples:

Request syntax with placeholder values


resp = client.get_percentiles({
  index_name: "IndexName",
  query_string: "QueryString", # required
  aggregation_field: "AggregationField",
  query_version: "QueryVersion",
  percents: [1.0],
})

Response structure


resp.percentiles #=> Array
resp.percentiles[0].percent #=> Float
resp.percentiles[0].value #=> Float

Options Hash (options):

  • :index_name (String)

    The name of the index to search.

  • :query_string (required, String)

    The query string.

  • :aggregation_field (String)

    The field to aggregate.

  • :query_version (String)

    The query version.

  • :percents (Array<Float>)

    The percentile groups returned.

Returns:

#get_policy(options = {}) ⇒ Types::GetPolicyResponse

Gets information about the specified policy with the policy document of the default version.

Examples:

Request syntax with placeholder values


resp = client.get_policy({
  policy_name: "PolicyName", # required
})

Response structure


resp.policy_name #=> String
resp.policy_arn #=> String
resp.policy_document #=> String
resp.default_version_id #=> String
resp.creation_date #=> Time
resp.last_modified_date #=> Time
resp.generation_id #=> String

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy.

Returns:

#get_policy_version(options = {}) ⇒ Types::GetPolicyVersionResponse

Gets information about the specified policy version.

Examples:

Request syntax with placeholder values


resp = client.get_policy_version({
  policy_name: "PolicyName", # required
  policy_version_id: "PolicyVersionId", # required
})

Response structure


resp.policy_arn #=> String
resp.policy_name #=> String
resp.policy_document #=> String
resp.policy_version_id #=> String
resp.is_default_version #=> true/false
resp.creation_date #=> Time
resp.last_modified_date #=> Time
resp.generation_id #=> String

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy.

  • :policy_version_id (required, String)

    The policy version ID.

Returns:

#get_registration_code(options = {}) ⇒ Types::GetRegistrationCodeResponse

Gets a registration code used to register a CA certificate with AWS IoT.

Examples:

Request syntax with placeholder values


resp = client.get_registration_code()

Response structure


resp.registration_code #=> String

Returns:

#get_statistics(options = {}) ⇒ Types::GetStatisticsResponse

Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field. If the aggregation field is of type String, only the count statistic is returned.

Examples:

Request syntax with placeholder values


resp = client.get_statistics({
  index_name: "IndexName",
  query_string: "QueryString", # required
  aggregation_field: "AggregationField",
  query_version: "QueryVersion",
})

Response structure


resp.statistics.count #=> Integer
resp.statistics.average #=> Float
resp.statistics.sum #=> Float
resp.statistics.minimum #=> Float
resp.statistics.maximum #=> Float
resp.statistics.sum_of_squares #=> Float
resp.statistics.variance #=> Float
resp.statistics.std_deviation #=> Float

Options Hash (options):

  • :index_name (String)

    The name of the index to search. The default value is AWS_Things.

  • :query_string (required, String)

    The query used to search. You can specify \"*\" for the query string to get the count of all indexed things in your AWS account.

  • :aggregation_field (String)

    The aggregation field name.

  • :query_version (String)

    The version of the query used to search.

Returns:

#get_topic_rule(options = {}) ⇒ Types::GetTopicRuleResponse

Gets information about the rule.

Examples:

Request syntax with placeholder values


resp = client.get_topic_rule({
  rule_name: "RuleName", # required
})

Response structure


resp.rule_arn #=> String
resp.rule.rule_name #=> String
resp.rule.sql #=> String
resp.rule.description #=> String
resp.rule.created_at #=> Time
resp.rule.actions #=> Array
resp.rule.actions[0].dynamo_db.table_name #=> String
resp.rule.actions[0].dynamo_db.role_arn #=> String
resp.rule.actions[0].dynamo_db.operation #=> String
resp.rule.actions[0].dynamo_db.hash_key_field #=> String
resp.rule.actions[0].dynamo_db.hash_key_value #=> String
resp.rule.actions[0].dynamo_db.hash_key_type #=> String, one of "STRING", "NUMBER"
resp.rule.actions[0].dynamo_db.range_key_field #=> String
resp.rule.actions[0].dynamo_db.range_key_value #=> String
resp.rule.actions[0].dynamo_db.range_key_type #=> String, one of "STRING", "NUMBER"
resp.rule.actions[0].dynamo_db.payload_field #=> String
resp.rule.actions[0].dynamo_d_bv_2.role_arn #=> String
resp.rule.actions[0].dynamo_d_bv_2.put_item.table_name #=> String
resp.rule.actions[0].lambda.function_arn #=> String
resp.rule.actions[0].sns.target_arn #=> String
resp.rule.actions[0].sns.role_arn #=> String
resp.rule.actions[0].sns.message_format #=> String, one of "RAW", "JSON"
resp.rule.actions[0].sqs.role_arn #=> String
resp.rule.actions[0].sqs.queue_url #=> String
resp.rule.actions[0].sqs.use_base_64 #=> true/false
resp.rule.actions[0].kinesis.role_arn #=> String
resp.rule.actions[0].kinesis.stream_name #=> String
resp.rule.actions[0].kinesis.partition_key #=> String
resp.rule.actions[0].republish.role_arn #=> String
resp.rule.actions[0].republish.topic #=> String
resp.rule.actions[0].republish.qos #=> Integer
resp.rule.actions[0].s3.role_arn #=> String
resp.rule.actions[0].s3.bucket_name #=> String
resp.rule.actions[0].s3.key #=> String
resp.rule.actions[0].s3.canned_acl #=> String, one of "private", "public-read", "public-read-write", "aws-exec-read", "authenticated-read", "bucket-owner-read", "bucket-owner-full-control", "log-delivery-write"
resp.rule.actions[0].firehose.role_arn #=> String
resp.rule.actions[0].firehose.delivery_stream_name #=> String
resp.rule.actions[0].firehose.separator #=> String
resp.rule.actions[0].firehose.batch_mode #=> true/false
resp.rule.actions[0].cloudwatch_metric.role_arn #=> String
resp.rule.actions[0].cloudwatch_metric.metric_namespace #=> String
resp.rule.actions[0].cloudwatch_metric.metric_name #=> String
resp.rule.actions[0].cloudwatch_metric.metric_value #=> String
resp.rule.actions[0].cloudwatch_metric.metric_unit #=> String
resp.rule.actions[0].cloudwatch_metric.metric_timestamp #=> String
resp.rule.actions[0].cloudwatch_alarm.role_arn #=> String
resp.rule.actions[0].cloudwatch_alarm.alarm_name #=> String
resp.rule.actions[0].cloudwatch_alarm.state_reason #=> String
resp.rule.actions[0].cloudwatch_alarm.state_value #=> String
resp.rule.actions[0].cloudwatch_logs.role_arn #=> String
resp.rule.actions[0].cloudwatch_logs.log_group_name #=> String
resp.rule.actions[0].elasticsearch.role_arn #=> String
resp.rule.actions[0].elasticsearch.endpoint #=> String
resp.rule.actions[0].elasticsearch.index #=> String
resp.rule.actions[0].elasticsearch.type #=> String
resp.rule.actions[0].elasticsearch.id #=> String
resp.rule.actions[0].salesforce.token #=> String
resp.rule.actions[0].salesforce.url #=> String
resp.rule.actions[0].iot_analytics.channel_arn #=> String
resp.rule.actions[0].iot_analytics.channel_name #=> String
resp.rule.actions[0].iot_analytics.batch_mode #=> true/false
resp.rule.actions[0].iot_analytics.role_arn #=> String
resp.rule.actions[0].iot_events.input_name #=> String
resp.rule.actions[0].iot_events.message_id #=> String
resp.rule.actions[0].iot_events.batch_mode #=> true/false
resp.rule.actions[0].iot_events.role_arn #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries #=> Array
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].entry_id #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].asset_id #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_id #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_alias #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values #=> Array
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.string_value #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.integer_value #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.double_value #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.boolean_value #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].timestamp.time_in_seconds #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].timestamp.offset_in_nanos #=> String
resp.rule.actions[0].iot_site_wise.put_asset_property_value_entries[0].property_values[0].quality #=> String
resp.rule.actions[0].iot_site_wise.role_arn #=> String
resp.rule.actions[0].step_functions.execution_name_prefix #=> String
resp.rule.actions[0].step_functions.state_machine_name #=> String
resp.rule.actions[0].step_functions.role_arn #=> String
resp.rule.actions[0].timestream.role_arn #=> String
resp.rule.actions[0].timestream.database_name #=> String
resp.rule.actions[0].timestream.table_name #=> String
resp.rule.actions[0].timestream.dimensions #=> Array
resp.rule.actions[0].timestream.dimensions[0].name #=> String
resp.rule.actions[0].timestream.dimensions[0].value #=> String
resp.rule.actions[0].timestream.timestamp.value #=> String
resp.rule.actions[0].timestream.timestamp.unit #=> String
resp.rule.actions[0].http.url #=> String
resp.rule.actions[0].http.confirmation_url #=> String
resp.rule.actions[0].http.headers #=> Array
resp.rule.actions[0].http.headers[0].key #=> String
resp.rule.actions[0].http.headers[0].value #=> String
resp.rule.actions[0].http.auth.sigv4.signing_region #=> String
resp.rule.actions[0].http.auth.sigv4.service_name #=> String
resp.rule.actions[0].http.auth.sigv4.role_arn #=> String
resp.rule.rule_disabled #=> true/false
resp.rule.aws_iot_sql_version #=> String
resp.rule.error_action.dynamo_db.table_name #=> String
resp.rule.error_action.dynamo_db.role_arn #=> String
resp.rule.error_action.dynamo_db.operation #=> String
resp.rule.error_action.dynamo_db.hash_key_field #=> String
resp.rule.error_action.dynamo_db.hash_key_value #=> String
resp.rule.error_action.dynamo_db.hash_key_type #=> String, one of "STRING", "NUMBER"
resp.rule.error_action.dynamo_db.range_key_field #=> String
resp.rule.error_action.dynamo_db.range_key_value #=> String
resp.rule.error_action.dynamo_db.range_key_type #=> String, one of "STRING", "NUMBER"
resp.rule.error_action.dynamo_db.payload_field #=> String
resp.rule.error_action.dynamo_d_bv_2.role_arn #=> String
resp.rule.error_action.dynamo_d_bv_2.put_item.table_name #=> String
resp.rule.error_action.lambda.function_arn #=> String
resp.rule.error_action.sns.target_arn #=> String
resp.rule.error_action.sns.role_arn #=> String
resp.rule.error_action.sns.message_format #=> String, one of "RAW", "JSON"
resp.rule.error_action.sqs.role_arn #=> String
resp.rule.error_action.sqs.queue_url #=> String
resp.rule.error_action.sqs.use_base_64 #=> true/false
resp.rule.error_action.kinesis.role_arn #=> String
resp.rule.error_action.kinesis.stream_name #=> String
resp.rule.error_action.kinesis.partition_key #=> String
resp.rule.error_action.republish.role_arn #=> String
resp.rule.error_action.republish.topic #=> String
resp.rule.error_action.republish.qos #=> Integer
resp.rule.error_action.s3.role_arn #=> String
resp.rule.error_action.s3.bucket_name #=> String
resp.rule.error_action.s3.key #=> String
resp.rule.error_action.s3.canned_acl #=> String, one of "private", "public-read", "public-read-write", "aws-exec-read", "authenticated-read", "bucket-owner-read", "bucket-owner-full-control", "log-delivery-write"
resp.rule.error_action.firehose.role_arn #=> String
resp.rule.error_action.firehose.delivery_stream_name #=> String
resp.rule.error_action.firehose.separator #=> String
resp.rule.error_action.firehose.batch_mode #=> true/false
resp.rule.error_action.cloudwatch_metric.role_arn #=> String
resp.rule.error_action.cloudwatch_metric.metric_namespace #=> String
resp.rule.error_action.cloudwatch_metric.metric_name #=> String
resp.rule.error_action.cloudwatch_metric.metric_value #=> String
resp.rule.error_action.cloudwatch_metric.metric_unit #=> String
resp.rule.error_action.cloudwatch_metric.metric_timestamp #=> String
resp.rule.error_action.cloudwatch_alarm.role_arn #=> String
resp.rule.error_action.cloudwatch_alarm.alarm_name #=> String
resp.rule.error_action.cloudwatch_alarm.state_reason #=> String
resp.rule.error_action.cloudwatch_alarm.state_value #=> String
resp.rule.error_action.cloudwatch_logs.role_arn #=> String
resp.rule.error_action.cloudwatch_logs.log_group_name #=> String
resp.rule.error_action.elasticsearch.role_arn #=> String
resp.rule.error_action.elasticsearch.endpoint #=> String
resp.rule.error_action.elasticsearch.index #=> String
resp.rule.error_action.elasticsearch.type #=> String
resp.rule.error_action.elasticsearch.id #=> String
resp.rule.error_action.salesforce.token #=> String
resp.rule.error_action.salesforce.url #=> String
resp.rule.error_action.iot_analytics.channel_arn #=> String
resp.rule.error_action.iot_analytics.channel_name #=> String
resp.rule.error_action.iot_analytics.batch_mode #=> true/false
resp.rule.error_action.iot_analytics.role_arn #=> String
resp.rule.error_action.iot_events.input_name #=> String
resp.rule.error_action.iot_events.message_id #=> String
resp.rule.error_action.iot_events.batch_mode #=> true/false
resp.rule.error_action.iot_events.role_arn #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries #=> Array
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].entry_id #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].asset_id #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_id #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_alias #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values #=> Array
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.string_value #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.integer_value #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.double_value #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].value.boolean_value #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].timestamp.time_in_seconds #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].timestamp.offset_in_nanos #=> String
resp.rule.error_action.iot_site_wise.put_asset_property_value_entries[0].property_values[0].quality #=> String
resp.rule.error_action.iot_site_wise.role_arn #=> String
resp.rule.error_action.step_functions.execution_name_prefix #=> String
resp.rule.error_action.step_functions.state_machine_name #=> String
resp.rule.error_action.step_functions.role_arn #=> String
resp.rule.error_action.timestream.role_arn #=> String
resp.rule.error_action.timestream.database_name #=> String
resp.rule.error_action.timestream.table_name #=> String
resp.rule.error_action.timestream.dimensions #=> Array
resp.rule.error_action.timestream.dimensions[0].name #=> String
resp.rule.error_action.timestream.dimensions[0].value #=> String
resp.rule.error_action.timestream.timestamp.value #=> String
resp.rule.error_action.timestream.timestamp.unit #=> String
resp.rule.error_action.http.url #=> String
resp.rule.error_action.http.confirmation_url #=> String
resp.rule.error_action.http.headers #=> Array
resp.rule.error_action.http.headers[0].key #=> String
resp.rule.error_action.http.headers[0].value #=> String
resp.rule.error_action.http.auth.sigv4.signing_region #=> String
resp.rule.error_action.http.auth.sigv4.service_name #=> String
resp.rule.error_action.http.auth.sigv4.role_arn #=> String

Options Hash (options):

  • :rule_name (required, String)

    The name of the rule.

Returns:

#get_topic_rule_destination(options = {}) ⇒ Types::GetTopicRuleDestinationResponse

Gets information about a topic rule destination.

Examples:

Request syntax with placeholder values


resp = client.get_topic_rule_destination({
  arn: "AwsArn", # required
})

Response structure


resp.topic_rule_destination.arn #=> String
resp.topic_rule_destination.status #=> String, one of "ENABLED", "IN_PROGRESS", "DISABLED", "ERROR"
resp.topic_rule_destination.status_reason #=> String
resp.topic_rule_destination.http_url_properties.confirmation_url #=> String

Options Hash (options):

  • :arn (required, String)

    The ARN of the topic rule destination.

Returns:

#get_v2_logging_options(options = {}) ⇒ Types::GetV2LoggingOptionsResponse

Gets the fine grained logging options.

Examples:

Request syntax with placeholder values


resp = client.get_v2_logging_options()

Response structure


resp.role_arn #=> String
resp.default_log_level #=> String, one of "DEBUG", "INFO", "ERROR", "WARN", "DISABLED"
resp.disable_all_logs #=> true/false

Returns:

#list_active_violations(options = {}) ⇒ Types::ListActiveViolationsResponse

Lists the active violations for a given Device Defender security profile.

Examples:

Request syntax with placeholder values


resp = client.list_active_violations({
  thing_name: "DeviceDefenderThingName",
  security_profile_name: "SecurityProfileName",
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.active_violations #=> Array
resp.active_violations[0].violation_id #=> String
resp.active_violations[0].thing_name #=> String
resp.active_violations[0].security_profile_name #=> String
resp.active_violations[0].behavior.name #=> String
resp.active_violations[0].behavior.metric #=> String
resp.active_violations[0].behavior.metric_dimension.dimension_name #=> String
resp.active_violations[0].behavior.metric_dimension.operator #=> String, one of "IN", "NOT_IN"
resp.active_violations[0].behavior.criteria.comparison_operator #=> String, one of "less-than", "less-than-equals", "greater-than", "greater-than-equals", "in-cidr-set", "not-in-cidr-set", "in-port-set", "not-in-port-set"
resp.active_violations[0].behavior.criteria.value.count #=> Integer
resp.active_violations[0].behavior.criteria.value.cidrs #=> Array
resp.active_violations[0].behavior.criteria.value.cidrs[0] #=> String
resp.active_violations[0].behavior.criteria.value.ports #=> Array
resp.active_violations[0].behavior.criteria.value.ports[0] #=> Integer
resp.active_violations[0].behavior.criteria.duration_seconds #=> Integer
resp.active_violations[0].behavior.criteria.consecutive_datapoints_to_alarm #=> Integer
resp.active_violations[0].behavior.criteria.consecutive_datapoints_to_clear #=> Integer
resp.active_violations[0].behavior.criteria.statistical_threshold.statistic #=> String
resp.active_violations[0].last_violation_value.count #=> Integer
resp.active_violations[0].last_violation_value.cidrs #=> Array
resp.active_violations[0].last_violation_value.cidrs[0] #=> String
resp.active_violations[0].last_violation_value.ports #=> Array
resp.active_violations[0].last_violation_value.ports[0] #=> Integer
resp.active_violations[0].last_violation_time #=> Time
resp.active_violations[0].violation_start_time #=> Time
resp.next_token #=> String

Options Hash (options):

  • :thing_name (String)

    The name of the thing whose active violations are listed.

  • :security_profile_name (String)

    The name of the Device Defender security profile for which violations are listed.

  • :next_token (String)

    The token for the next set of results.

  • :max_results (Integer)

    The maximum number of results to return at one time.

Returns:

#list_attached_policies(options = {}) ⇒ Types::ListAttachedPoliciesResponse

Lists the policies attached to the specified thing group.

Examples:

Request syntax with placeholder values


resp = client.list_attached_policies({
  target: "PolicyTarget", # required
  recursive: false,
  marker: "Marker",
  page_size: 1,
})

Response structure


resp.policies #=> Array
resp.policies[0].policy_name #=> String
resp.policies[0].policy_arn #=> String
resp.next_marker #=> String

Options Hash (options):

  • :target (required, String)

    The group or principal for which the policies will be listed. Valid principals are CertificateArn (arn:aws:iot:region:accountId:cert/certificateId), thingGroupArn (arn:aws:iot:region:accountId:thinggroup/groupName) and CognitoId (region:id).

  • :recursive (Boolean)

    When true, recursively list attached policies.

  • :marker (String)

    The token to retrieve the next set of results.

  • :page_size (Integer)

    The maximum number of results to be returned per request.

Returns:

#list_audit_findings(options = {}) ⇒ Types::ListAuditFindingsResponse

Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.)

Examples:

Request syntax with placeholder values


resp = client.list_audit_findings({
  task_id: "AuditTaskId",
  check_name: "AuditCheckName",
  resource_identifier: {
    device_certificate_id: "CertificateId",
    ca_certificate_id: "CertificateId",
    cognito_identity_pool_id: "CognitoIdentityPoolId",
    client_id: "ClientId",
    policy_version_identifier: {
      policy_name: "PolicyName",
      policy_version_id: "PolicyVersionId",
    },
    account: "AwsAccountId",
    iam_role_arn: "RoleArn",
    role_alias_arn: "RoleAliasArn",
  },
  max_results: 1,
  next_token: "NextToken",
  start_time: Time.now,
  end_time: Time.now,
  list_suppressed_findings: false,
})

Response structure


resp.findings #=> Array
resp.findings[0].finding_id #=> String
resp.findings[0].task_id #=> String
resp.findings[0].check_name #=> String
resp.findings[0].task_start_time #=> Time
resp.findings[0].finding_time #=> Time
resp.findings[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW"
resp.findings[0].non_compliant_resource.resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
resp.findings[0].non_compliant_resource.resource_identifier.device_certificate_id #=> String
resp.findings[0].non_compliant_resource.resource_identifier.ca_certificate_id #=> String
resp.findings[0].non_compliant_resource.resource_identifier.cognito_identity_pool_id #=> String
resp.findings[0].non_compliant_resource.resource_identifier.client_id #=> String
resp.findings[0].non_compliant_resource.resource_identifier.policy_version_identifier.policy_name #=> String
resp.findings[0].non_compliant_resource.resource_identifier.policy_version_identifier.policy_version_id #=> String
resp.findings[0].non_compliant_resource.resource_identifier. #=> String
resp.findings[0].non_compliant_resource.resource_identifier.iam_role_arn #=> String
resp.findings[0].non_compliant_resource.resource_identifier.role_alias_arn #=> String
resp.findings[0].non_compliant_resource.additional_info #=> Hash
resp.findings[0].non_compliant_resource.additional_info["String"] #=> String
resp.findings[0].related_resources #=> Array
resp.findings[0].related_resources[0].resource_type #=> String, one of "DEVICE_CERTIFICATE", "CA_CERTIFICATE", "IOT_POLICY", "COGNITO_IDENTITY_POOL", "CLIENT_ID", "ACCOUNT_SETTINGS", "ROLE_ALIAS", "IAM_ROLE"
resp.findings[0].related_resources[0].resource_identifier.device_certificate_id #=> String
resp.findings[0].related_resources[0].resource_identifier.ca_certificate_id #=> String
resp.findings[0].related_resources[0].resource_identifier.cognito_identity_pool_id #=> String
resp.findings[0].related_resources[0].resource_identifier.client_id #=> String
resp.findings[0].related_resources[0].resource_identifier.policy_version_identifier.policy_name #=> String
resp.findings[0].related_resources[0].resource_identifier.policy_version_identifier.policy_version_id #=> String
resp.findings[0].related_resources[0].resource_identifier. #=> String
resp.findings[0].related_resources[0].resource_identifier.iam_role_arn #=> String
resp.findings[0].related_resources[0].resource_identifier.role_alias_arn #=> String
resp.findings[0].related_resources[0].additional_info #=> Hash
resp.findings[0].related_resources[0].additional_info["String"] #=> String
resp.findings[0].reason_for_non_compliance #=> String
resp.findings[0].reason_for_non_compliance_code #=> String
resp.findings[0].is_suppressed #=> true/false
resp.next_token #=> String

Options Hash (options):

  • :task_id (String)

    A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both.

  • :check_name (String)

    A filter to limit results to the findings for the specified audit check.

  • :resource_identifier (Types::ResourceIdentifier)

    Information identifying the noncompliant resource.

  • :max_results (Integer)

    The maximum number of results to return at one time. The default is 25.

  • :next_token (String)

    The token for the next set of results.

  • :start_time (Time)

    A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both.

  • :end_time (Time)

    A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both.

  • :list_suppressed_findings (Boolean)

    Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn\'t provided, the response will list both suppressed and unsuppressed findings.

Returns:

#list_audit_mitigation_actions_executions(options = {}) ⇒ Types::ListAuditMitigationActionsExecutionsResponse

Gets the status of audit mitigation action tasks that were executed.

Examples:

Request syntax with placeholder values


resp = client.list_audit_mitigation_actions_executions({
  task_id: "AuditMitigationActionsTaskId", # required
  action_status: "IN_PROGRESS", # accepts IN_PROGRESS, COMPLETED, FAILED, CANCELED, SKIPPED, PENDING
  finding_id: "FindingId", # required
  max_results: 1,
  next_token: "NextToken",
})

Response structure


resp.actions_executions #=> Array
resp.actions_executions[0].task_id #=> String
resp.actions_executions[0].finding_id #=> String
resp.actions_executions[0].action_name #=> String
resp.actions_executions[0].action_id #=> String
resp.actions_executions[0].status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED", "CANCELED", "SKIPPED", "PENDING"
resp.actions_executions[0].start_time #=> Time
resp.actions_executions[0].end_time #=> Time
resp.actions_executions[0].error_code #=> String
resp.actions_executions[0].message #=> String
resp.next_token #=> String

Options Hash (options):

  • :task_id (required, String)

    Specify this filter to limit results to actions for a specific audit mitigation actions task.

  • :action_status (String)

    Specify this filter to limit results to those with a specific status.

  • :finding_id (required, String)