本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# Config AWS 的動作、資源和條件索引鍵
AWS Config (服務字首:`config`) 提供下列服務特定的資源、動作和條件內容索引鍵,可用於 IAM 許可政策。
參考資料:
+ 了解如何[設定此服務](https://docs.aws.amazon.com/config/latest/developerguide/)。
+ 檢視[可供此服務使用的 API 操作](https://docs.aws.amazon.com/config/latest/APIReference/)清單。
+ 了解如何[使用 IAM](https://docs.aws.amazon.com/config/latest/developerguide/example-policies.html) 許可政策來保護此服務及其資源。
**Topics**
+ [Config AWS 定義的動作](#awsconfig-actions-as-permissions)
+ [Config AWS 定義的資源類型](#awsconfig-resources-for-iam-policies)
+ [Config AWS 的條件索引鍵](#awsconfig-policy-keys)
## Config AWS 定義的動作
您可在 IAM 政策陳述式的 `Action` 元素中指定以下動作。使用政策來授予在 AWS中執行操作的許可。在政策中使用動作時,通常會允許或拒絕存取相同名稱的 API 操作或 CLI 命令。不過,在某些情況下,單一動作可控制對多個操作的存取。或者,某些操作需要多種不同的動作。
動作資料表的**存取層級**欄說明動作的分類方式 (列出、讀取、許可管理或標記)。此分類可協助您了解在政策中使用某動作時,該動作授予您的存取層級。如需存取層級的詳細資訊,請參閱[政策摘要中的存取層級](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.html)。
「動作」資料表的**資源類型**欄會指出每個動作是否支援資源層級的許可。如果此欄沒有值,您必須在政策陳述式的 `Resource` 元素中指定政策適用的所有資源 ("\*")。如果資料欄包含資源類型,則您可以在具有該動作的陳述式中指定該類型的 ARN。如果動作具有一或多個必要資源,呼叫者必須具有對這些資源使用動作的許可。表格中的必要資源會以星號 (\*) 表示。如果您使用 IAM 政策中的 `Resource` 元素限制資源存取,則每種必要的資源類型必須要有 ARN 或模式。某些動作支援多種資源類型。如果資源類型是選用 (未顯示為必要),則您可以選擇使用其中一種選用資源類型。
「動作」資料表的**條件索引鍵**欄包含您可以在政策陳述式的 `Condition` 元素中指定的索引鍵。如需有關與服務資源相關聯之條件索引鍵的詳細資訊,請參閱「資源類型」資料表的**條件索引鍵**欄。
動作資料表的**相依動作**欄會顯示成功呼叫動作所需的其他許可。除了 動作本身的許可之外,還可能需要這些許可。當動作指定相依動作時,這些相依性可能適用於針對該動作定義的其他資源,而不只是資料表中列出的第一個資源。
**注意**
資源條件索引鍵會列在[資源類型](#awsconfig-resources-for-iam-policies)資料表中。您可以在「動作」資料表的**資源類型 (\*必填) **欄中找到適用於動作的資源類型連結。「資源類型」資料表中的資源類型包括**條件索引鍵**欄,其中包含套用至「動作」資料表中動作的資源條件索引鍵。
如需下表各欄的詳細資訊,請參閱[動作資料表](reference_policies_actions-resources-contextkeys.html#actions_table)。
****
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_AssociateResourceTypes.html](https://docs.aws.amazon.com/config/latest/APIReference/API_AssociateResourceTypes.html) **
- **描述:** 准許將所有指定的資源類型新增至組態記錄器的 RecordingGroup,並在記錄時包含這些資源類型
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetAggregateResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetAggregateResourceConfig.html) **
- **描述:** 准許傳回 AWS Config 彙總工具中存在之資源的目前組態項目
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_BatchGetResourceConfig.html) **
- **描述:** 准許傳回一或多個所請求資源的目前組態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteAggregationAuthorization.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteAggregationAuthorization.html) **
- **描述:** 准許刪除特定區域中授予特定組態彙總帳戶的授權
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-AggregationAuthorization](#awsconfig-AggregationAuthorization)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigRule.html) **
- **描述:** 准許刪除指定的 AWS Config 規則及其所有評估結果
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationAggregator.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationAggregator.html) **
- **描述:** 准許刪除指定的組態彙總工具,以及與彙總工具相關聯的彙總資料
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConfigurationRecorder.html) **
- **描述:** 准許刪除客戶受管組態記錄器
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConformancePack.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteConformancePack.html) **
- **描述:** 准許刪除指定的一致性套件,以及該一致性套件內的所有 AWS Config 規則和所有評估結果
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteDeliveryChannel.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteDeliveryChannel.html) **
- **描述:** 准許刪除傳送通道
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteEvaluationResults.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteEvaluationResults.html) **
- **描述:** 准許刪除指定 Config 規則的評估結果
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConfigRule.html) **
- **描述:** 准許從該組織的所有成員帳戶中,刪除指定的組織組態規則及其所有評估結果
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConformancePack.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteOrganizationConformancePack.html) **
- **描述:** 准許從該組織的所有成員帳戶中,刪除指定的組織符合性套件及其所有評估結果
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeletePendingAggregationRequest.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeletePendingAggregationRequest.html) **
- **描述:** 准許刪除特定區域中特定彙總帳戶的待定授權請求
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationConfiguration.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationConfiguration.html) **
- **描述:** 准許刪除修補組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-RemediationConfiguration](#awsconfig-RemediationConfiguration)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationExceptions.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRemediationExceptions.html) **
- **描述:** 准許刪除特定 Config AWS 規則之特定資源金鑰的一或多個修復例外狀況
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteResourceConfig.html) **
- **描述:** 准許記錄已刪除之自訂資源的組態狀態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRetentionConfiguration.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteRetentionConfiguration.html) **
- **描述:** 准許刪除保留組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteServiceLinkedConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteServiceLinkedConfigurationRecorder.html) **
- **描述:** 准許刪除服務連結組態記錄器
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-config_ConfigurationRecorderServicePrincipal](#awsconfig-config_ConfigurationRecorderServicePrincipal) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteStoredQuery.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeleteStoredQuery.html) **
- **描述:** 准許刪除 AWS 帳戶 中 的預存查詢 AWS 區域
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DeliverConfigSnapshot.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DeliverConfigSnapshot.html) **
- **描述:** 准許排定在指定的傳送通道中將組態快照傳送到 Amazon S3 儲存貯體
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConfigRules.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConfigRules.html) **
- **描述:** 准許傳回合規和不合規規則的清單,以及合規和不合規規則的資源數量
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConformancePacks.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregateComplianceByConformancePacks.html) **
- **描述:** 准許傳回合規和不合規的一致性套件清單,註明每個一致性套件當中合規、不合規的規則數量和規則總數
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregationAuthorizations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeAggregationAuthorizations.html) **
- **描述:** 准許傳回授與各種彙總帳戶和區域的授權清單
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByConfigRule.html) **
- **描述:** 准許指出指定的 Config AWS 規則是否合規
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByResource.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeComplianceByResource.html) **
- **描述:** 准許指出指定的 AWS 資源是否合規
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRuleEvaluationStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRuleEvaluationStatus.html) **
- **描述:** 准許傳回每個 AWS 受管 Config 規則的狀態資訊
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html) **
- **描述:** 准許傳回 Config AWS 規則的詳細資訊
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregatorSourcesStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregatorSourcesStatus.html) **
- **描述:** 准許傳回彙總工具內來源的狀態資訊
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html) **
- **描述:** 准許傳回一或多個組態彙總工具的詳細資訊
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorderStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorderStatus.html) **
- **描述:** 准許傳回特定組態記錄器的目前狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-config_ConfigurationRecorderServicePrincipal](#awsconfig-config_ConfigurationRecorderServicePrincipal) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorders.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationRecorders.html) **
- **描述:** 准許傳回一或多個特定組態記錄器的名稱
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-config_ConfigurationRecorderServicePrincipal](#awsconfig-config_ConfigurationRecorderServicePrincipal) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackCompliance.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackCompliance.html) **
- **描述:** 准許傳回該符合性套件中每個規則的合規資訊
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePackStatus.html) **
- **描述:** 准許提供一或多個符合性套件部署狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePacks.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConformancePacks.html) **
- **描述:** 准許傳回一或多個符合性套件的清單
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannelStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannelStatus.html) **
- **描述:** 准許傳回特定傳送通道的目前狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html) **
- **描述:** 准許傳回特定傳送通道的詳細資訊
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRuleStatuses.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRuleStatuses.html) **
- **描述:** 准許提供組織的組織組態規則部署狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRules.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConfigRules.html) **
- **描述:** 准許傳回組織組態規則清單
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePackStatuses.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePackStatuses.html) **
- **描述:** 准許提供組織的組織符合性套件部署狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePacks.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeOrganizationConformancePacks.html) **
- **描述:** 准許傳回組織符合性套件的清單
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribePendingAggregationRequests.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribePendingAggregationRequests.html) **
- **描述:** 准許傳回所有擱置中的彙總請求清單
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html) **
- **描述:** 准許傳回一或多個修補組態的詳細資訊
- **存取層級:** 列出
- **資源類型 (\*必填項目):** [#awsconfig-RemediationConfiguration](#awsconfig-RemediationConfiguration)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExceptions.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExceptions.html) **
- **描述:** 准許傳回一或多個修補例外狀況的詳細資訊
- **存取層級:** 列出
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExecutionStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationExecutionStatus.html) **
- **描述:** 准許提供一組資源的詳細「補救執行」檢視,包括失敗步驟的狀態、時間戳記和任何錯誤訊息
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-RemediationConfiguration](#awsconfig-RemediationConfiguration)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html) **
- **描述:** 准許傳回一或多個保留組態的詳細資訊
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_DisassociateResourceTypes.html](https://docs.aws.amazon.com/config/latest/APIReference/API_DisassociateResourceTypes.html) **
- **描述:** 准許從組態記錄器的 RecordingGroup 中移除所有指定的資源類型,並在記錄時排除這些資源類型
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateComplianceDetailsByConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateComplianceDetailsByConfigRule.html) **
- **描述:** 准許傳回規則中特定資源之指定 AWS Config 規則的評估結果
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConfigRuleComplianceSummary.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConfigRuleComplianceSummary.html) **
- **描述:** 准許針對彙總工具中的一或多個帳戶和區域,傳回合規和不合規的規則數量
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConformancePackComplianceSummary.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateConformancePackComplianceSummary.html) **
- **描述:** 准許針對彙總工具中的一或多個帳戶和區域,傳回合規和不合規的一致性套件數量
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateDiscoveredResourceCounts.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateDiscoveredResourceCounts.html) **
- **描述:** 准許傳回存在於 AWS Config 彙總工具中跨帳戶和區域的資源計數
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetAggregateResourceConfig.html) **
- **描述:** 准許傳回在特定來源帳戶和區域中針對特定資源而彙總的組態項目
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByConfigRule.html) **
- **描述:** 准許傳回指定 Config AWS 規則的評估結果
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByResource.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceDetailsByResource.html) **
- **描述:** 准許傳回指定 AWS 資源的評估結果
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByConfigRule.html) **
- **描述:** 准許傳回合規和不合規的 AWS Config 規則數目,每個規則最多 25 個
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByResourceType.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetComplianceSummaryByResourceType.html) **
- **描述:** 准許傳回合規的資源數量和不合規的資源數量
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceDetails.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceDetails.html) **
- **描述:** 准許傳回一致性套件所監控之所有 AWS 資源的一致性套件合規詳細資訊
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceSummary.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetConformancePackComplianceSummary.html) **
- **描述:** 准許提供一或多個符合性套件的合規摘要
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetCustomRulePolicy.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetCustomRulePolicy.html) **
- **描述:** 准許傳回包含 Config AWS 自訂政策規則邏輯的政策定義
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetDiscoveredResourceCounts.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetDiscoveredResourceCounts.html) **
- **描述:** 准許傳回 資源類型、每個資源類型的數量,以及 AWS Config 在此區域中為 所記錄的資源總數 AWS 帳戶
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConfigRuleDetailedStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConfigRuleDetailedStatus.html) **
- **描述:** 准許針對指定的組織組態規則,傳回組織內每個成員帳戶的詳細狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConformancePackDetailedStatus.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationConformancePackDetailedStatus.html) **
- **描述:** 准許針對指定的組織符合性套件,傳回組織內每個成員帳戶的詳細狀態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationCustomRulePolicy.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetOrganizationCustomRulePolicy.html) **
- **描述:** 准許傳回包含組織 Config AWS 自訂政策規則邏輯的政策定義
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceConfigHistory.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceConfigHistory.html) **
- **描述:** 准許傳回特定資源的組態項目清單
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceEvaluationSummary.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetResourceEvaluationSummary.html) **
- **描述:** 准許針對特定的資源評估 ID 傳回資源評估摘要
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_GetStoredQuery.html](https://docs.aws.amazon.com/config/latest/APIReference/API_GetStoredQuery.html) **
- **描述:** 准許傳回存儲之特定查詢的詳細資訊
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListAggregateDiscoveredResources.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListAggregateDiscoveredResources.html) **
- **描述:** 准許接受資源類型,並傳回在帳戶和區域各處針對特定資源類型所彙總的資源識別符清單
- **存取層級:** 清單
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListConfigurationRecorders.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListConfigurationRecorders.html) **
- **描述:** 准許列出 AWS 帳戶 中 的組態記錄器摘要 AWS 區域
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListConformancePackComplianceScores.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListConformancePackComplianceScores.html) **
- **描述:** 准許傳回一致性套件中合規規則資源組合佔可能的規則資源組合總數的百分比
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListDiscoveredResources.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListDiscoveredResources.html) **
- **描述:** 准許接受資源類型,並傳回該類型之資源的資源識別符清單
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListResourceEvaluations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListResourceEvaluations.html) **
- **描述:** 准許列出 AWS 帳戶 中 的資源評估摘要 AWS 區域
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListStoredQueries.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListStoredQueries.html) **
- **描述:** 准許列出 AWS 帳戶 中 的預存查詢 AWS 區域
- **存取層級:** 清單
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_ListTagsForResource.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ListTagsForResource.html) **
- **描述:** 准許列出 AWS Config 資源的標籤
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-AggregationAuthorization](#awsconfig-AggregationAuthorization) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery) / **條件索引鍵:** / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutAggregationAuthorization.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutAggregationAuthorization.html) **
- **描述:** 准許授權彙總帳戶和區域從來源帳戶和區域收集資料
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-AggregationAuthorization](#awsconfig-AggregationAuthorization) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigRule.html) **
- **描述:** 准許新增或更新 Config AWS 規則,以評估您的 AWS 資源是否符合所需的組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationAggregator.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationAggregator.html) **
- **描述:** 准許以選取的來源帳戶和區域建立和更新組態彙總工具
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator) / **條件索引鍵:** / **相依動作:** iam:PassRole
organizations:EnableAWSServiceAccess
organizations:ListDelegatedAdministrators
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigurationRecorder.html) **
- **描述:** 准許建立或更新客戶受管組態記錄器,以記錄選取的資源組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:** iam:PassRole
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutConformancePack.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutConformancePack.html) **
- **描述:** 准許建立或更新符合性套件
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack)
- **條件索引鍵:**
- **相依動作:** iam:CreateServiceLinkedRole
iam:PassRole
s3:GetObject
s3:ListBucket
ssm:GetDocument
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutDeliveryChannel.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutDeliveryChannel.html) **
- **描述:** 准許建立傳送通道物件,以將組態資訊傳遞至 Amazon S3 儲存貯體和 Amazon SNS 主題
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutEvaluations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutEvaluations.html) **
- **描述:** 准許 AWS Lambda 函數使用 將評估結果交付至 AWS Config
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutExternalEvaluation.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutExternalEvaluation.html) **
- **描述:** 准許將評估結果交付至 AWS Config
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConfigRule.html) **
- **描述:** 准許為您的整個組織新增或更新組織組態規則,以評估您的 AWS 資源是否符合所需的組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule)
- **條件索引鍵:**
- **相依動作:** iam:CreateServiceLinkedRole
iam:PassRole
organizations:EnableAWSServiceAccess
organizations:ListDelegatedAdministrators
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConformancePack.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutOrganizationConformancePack.html) **
- **描述:** 准許為您的整個組織新增或更新組織一致性套件,以評估您的 AWS 資源是否符合所需的組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack)
- **條件索引鍵:**
- **相依動作:** iam:CreateServiceLinkedRole
iam:PassRole
organizations:EnableAWSServiceAccess
organizations:ListDelegatedAdministrators
s3:GetObject
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationConfigurations.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationConfigurations.html) **
- **描述:** 准許使用具有所選目標或動作的特定 AWS Config 規則新增或更新修補組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-RemediationConfiguration](#awsconfig-RemediationConfiguration)
- **條件索引鍵:**
- **相依動作:** iam:PassRole
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationExceptions.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutRemediationExceptions.html) **
- **描述:** 准許新增或更新特定 Config AWS 規則之特定資源的修復例外狀況
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutResourceConfig.html) **
- **描述:** 准許記錄要求中提供之資源的組態狀態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutRetentionConfiguration.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutRetentionConfiguration.html) **
- **描述:** 准許建立和更新保留組態,其中包含 Config 存放您歷史資訊之保留期間 (天數) AWS 的詳細資訊
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutServiceLinkedConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutServiceLinkedConfigurationRecorder.html) **
- **描述:** 准許建立新的服務連結組態記錄器,以記錄連結服務範圍內的資源組態
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys)
[#awsconfig-config_ConfigurationRecorderServicePrincipal](#awsconfig-config_ConfigurationRecorderServicePrincipal)
- **相依動作:** iam:CreateServiceLinkedRole
iam:PassRole
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_PutStoredQuery.html](https://docs.aws.amazon.com/config/latest/APIReference/API_PutStoredQuery.html) **
- **描述:** 准許儲存新的查詢或更新儲存的現有查詢
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_SelectAggregateResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_SelectAggregateResourceConfig.html) **
- **描述:** 准許接受結構化查詢語言 (SQL) SELECT 命令和彙整工具,以查詢跨多個帳戶和區域的 AWS 資源組態狀態、執行對應的搜尋,並傳回符合屬性的資源組態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_SelectResourceConfig.html](https://docs.aws.amazon.com/config/latest/APIReference/API_SelectResourceConfig.html) **
- **描述:** 准許接受結構式查詢語言 (SQL) SELECT 命令、執行對應的搜尋,然後傳回符合屬性的資源組態
- **存取層級:** 讀取
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigRulesEvaluation.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigRulesEvaluation.html) **
- **描述:** 准許根據指定的 Config 規則來評估資源
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StartConfigurationRecorder.html) **
- **描述:** 准許客戶受管組態記錄器開始記錄您選取要在 中記錄 AWS 的資源組態 AWS 帳戶
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_StartRemediationExecution.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StartRemediationExecution.html) **
- **描述:** 准許針對上次已知的修補組態,執行指定 AWS Config 規則的隨需修補
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:** iam:PassRole
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_StartResourceEvaluation.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StartResourceEvaluation.html) **
- **描述:** 准許根據帳戶中的 Config AWS 規則評估您的資源詳細資訊
- **存取層級:** 寫入
- **資源類型 (\*必填項目):**
- **條件索引鍵:**
- **相依動作:** cloudformation:DescribeType
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_StopConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StopConfigurationRecorder.html) **
- **描述:** 准許客戶受管組態記錄器停止記錄您選取要在 中記錄 AWS 的資源組態 AWS 帳戶
- **存取層級:** 寫入
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder)
- **條件索引鍵:**
- **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_TagResource.html](https://docs.aws.amazon.com/config/latest/APIReference/API_TagResource.html) **
- **描述:** 准許將指定的標籤與具有特定 resourceArn 的資源關聯
- **存取層級:** 標記
- **資源類型 (\*必填項目):** [#awsconfig-AggregationAuthorization](#awsconfig-AggregationAuthorization) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_RequestTag___TagKey_](#awsconfig-aws_RequestTag___TagKey_)
[#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
- ** [https://docs.aws.amazon.com/config/latest/APIReference/API_UntagResource.html](https://docs.aws.amazon.com/config/latest/APIReference/API_UntagResource.html) **
- **描述:** 准許刪除資源中的指定標籤
- **存取層級:** 標記
- **資源類型 (\*必填項目):** [#awsconfig-AggregationAuthorization](#awsconfig-AggregationAuthorization) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigRule](#awsconfig-ConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationAggregator](#awsconfig-ConfigurationAggregator) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConfigurationRecorder](#awsconfig-ConfigurationRecorder) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-ConformancePack](#awsconfig-ConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConfigRule](#awsconfig-OrganizationConfigRule) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-OrganizationConformancePack](#awsconfig-OrganizationConformancePack) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** [#awsconfig-StoredQuery](#awsconfig-StoredQuery) / **條件索引鍵:** / **相依動作:**
- **資源類型 (\*必填項目):** / **條件索引鍵:** [#awsconfig-aws_TagKeys](#awsconfig-aws_TagKeys) / **相依動作:**
## Config AWS 定義的資源類型
此服務會定義下列資源類型,並可用在 IAM 許可政策陳述式的 `Resource` 元素中。[動作表格](#awsconfig-actions-as-permissions)中的每個動作都代表可使用該動作指定的資源類型。資源類型也能定義您可以在政策中包含哪些條件索引鍵。這些索引鍵都會顯示在「資源類型」資料表的最後一欄。如需下表各欄的詳細資訊,請參閱[資源類型資料表](reference_policies_actions-resources-contextkeys.html#resources_table)。
****
| 資源類型 | ARN | 條件索引鍵 |
| --- | --- | --- |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_AggregationAuthorization.html](https://docs.aws.amazon.com/config/latest/APIReference/API_AggregationAuthorization.html) | arn:${Partition}:config:${Region}:${Account}:aggregation-authorization/${AggregatorAccount}/${AggregatorRegion} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationAggregator.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationAggregator.html) | arn:${Partition}:config:${Region}:${Account}:config-aggregator/${AggregatorId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigRule.html) | arn:${Partition}:config:${Region}:${Account}:config-rule/${ConfigRuleId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_ConformancePackDetail.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ConformancePackDetail.html) | arn:${Partition}:config:${Region}:${Account}:conformance-pack/${ConformancePackName}/${ConformancePackId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_OrganizationConfigRule.html](https://docs.aws.amazon.com/config/latest/APIReference/API_OrganizationConfigRule.html) | arn:${Partition}:config:${Region}:${Account}:organization-config-rule/${OrganizationConfigRuleId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_OrganizationConformancePack.html](https://docs.aws.amazon.com/config/latest/APIReference/API_OrganizationConformancePack.html) | arn:${Partition}:config:${Region}:${Account}:organization-conformance-pack/${OrganizationConformancePackId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationConfiguration.html](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationConfiguration.html) | arn:${Partition}:config:${Region}:${Account}:remediation-configuration/${RemediationConfigurationId} | |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_StoredQuery.html](https://docs.aws.amazon.com/config/latest/APIReference/API_StoredQuery.html) | arn:${Partition}:config:${Region}:${Account}:stored-query/${StoredQueryName}/${StoredQueryId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationRecorder.html](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationRecorder.html) | arn:${Partition}:config:${Region}:${Account}:configuration-recorder/${RecorderName}/${RecorderId} | [#awsconfig-aws_ResourceTag___TagKey_](#awsconfig-aws_ResourceTag___TagKey_) |
## Config AWS 的條件索引鍵
AWS Config 定義下列條件索引鍵,可用於 IAM 政策的 `Condition`元素。您可以使用這些索引鍵來縮小套用政策陳述式的條件。如需下表各欄的詳細資訊,請參閱[條件索引鍵表](reference_policies_actions-resources-contextkeys.html#context_keys_table)。
若要檢視所有 服務可用的全域條件索引鍵,請參閱[AWS 全域條件內容索引鍵](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html)。
****
| 條件索引鍵 | 描述 | 類型 |
| --- | --- | --- |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag) | 依每個標籤的允許值集來篩選存取 | 字串 |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag) | 依與資源相關聯的標籤值篩選存取權 | 字串 |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys) | 依請求中是否存在強制性標籤來篩選存取 | ArrayOfString |
| [https://docs.aws.amazon.com/config/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.aws.amazon.com/config/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys) | 依組態記錄器的服務主體篩選存取權 | String |