檢視符合性套件的詳細資訊與符合性資訊

重要

若要準確報告合規狀態，您必須記錄 AWS::Config::ResourceCompliance 資源類型。如需詳細資訊，請參閱錄製 AWS 資源。

您可以使用主 AWS Config 控台或檢視 AWS CLI 您的一致性套件。 AWS Config 控制台具有統一的儀表板。 AWS CLI 可讓您執行指令以取得特定資訊。

Viewing Conformance Packs (Console)

若要在中檢視您的一致性套件 AWS Management Console，請參閱「一致性套件控制面板套件」。

Viewing the Details for your Conformance Packs (AWS CLI)

1. 輸入以下命令。

   aws configservice describe-conformance-packs 

   或

   aws configservice describe-conformance-packs --conformance-pack-name="MyConformancePack1"

2. 您應該會看到類似下列的輸出。

   {
       "conformancePackName": "MyConformancePack1",
       "conformancePackId": "conformance-pack-ID",
       "conformancePackArn": "arn:aws:config:us-west-2:AccountID:conformance-pack/MyConformancePack1/conformance-pack-ID",
       "conformancePackInputParameters": [],
       "lastUpdateRequestedTime": "Thu Jul 18 16:07:05 PDT 2019"
   }

Viewing the Status for your Conformance Packs (AWS CLI)

1. 輸入以下命令。

   aws configservice describe-conformance-pack-status --conformance-pack-name="MyConformancePack1"

2. 您應該會看到類似下列的輸出。

   {
       "stackArn": "arn:aws:cloudformation:us-west-2:AccountID:stack/awsconfigconforms-MyConformancePack1-conformance-pack-ID/d4301fe0-a9b1-11e9-994d-025f28dd83ba",
       "conformancePackName": "MyConformancePack1",
       "conformancePackId": "conformance-pack-ID",
       "lastUpdateCompletedTime": "Thu Jul 18 16:15:17 PDT 2019",
       "conformancePackState": "CREATE_COMPLETE",
       "conformancePackArn": "arn:aws:config:us-west-2:AccountID:conformance-pack/MyConformancePack1/conformance-pack-ID",
       "lastUpdateRequestedTime": "Thu Jul 18 16:14:35 PDT 2019"
   }
   

Viewing the Compliance Status for your Conformance Packs (AWS CLI)

1. 輸入以下命令。

   aws configservice describe-conformance-pack-compliance --conformance-pack-name="MyConformancePack1"

2. 您應該會看到類似下列的輸出。

   {
       "conformancePackName": "MyConformancePack1",
       "conformancePackRuleComplianceList": [
           {
               "configRuleName": "awsconfigconforms-RuleName1-conformance-pack-ID",
               "complianceType": "NON_COMPLIANT"
           },
           {
               "configRuleName": "awsconfigconforms-RuleName2-conformance-pack-ID",
               "complianceType": "COMPLIANT"
           }
       ]
   }

Viewing the Compliance Details for your Conformance Packs (AWS CLI)

1. 輸入以下命令。

   aws configservice get-conformance-pack-compliance-details --conformance-pack-name="MyConformancePack1"

2. 您應該會看到類似下列的輸出。

   {
       "conformancePackRuleEvaluationResults": [
           {
               "evaluationResultIdentifier": {
                   "orderingTimestamp": "Tue Jul 16 23:07:35 PDT 2019",
                   "evaluationResultQualifier": {
                       "resourceId": "resourceID",
                       "configRuleName": "awsconfigconforms-RuleName1-conformance-pack-ID",
                       "resourceType": "AWS::::Account"
                   }
               },
               "configRuleInvokedTime": "Tue Jul 16 23:07:50 PDT 2019",
               "resultRecordedTime": "Tue Jul 16 23:07:51 PDT 2019",
               "complianceType": "NON_COMPLIANT"
           },
           {
               "evaluationResultIdentifier": {
                   "orderingTimestamp": "Thu Jun 27 15:16:36 PDT 2019",
                   "evaluationResultQualifier": {
                       "resourceId": "resourceID",
                       "configRuleName": "awsconfigconforms-RuleName2-conformance-pack-ID",
                       "resourceType": "AWS::EC2::SecurityGroup"
                   }
               },
              "configRuleInvokedTime": "Thu Jul 11 23:08:06 PDT 2019",
               "resultRecordedTime": "Thu Jul 11 23:08:06 PDT 2019",
               "complianceType": "COMPLIANT"
           }
       ],
       "conformancePackName": "MyConformancePack1"
   }
   }