2021/02/15 - AWS Config - 2 updated api methods
Changes Added option to provide KMS key to AWS Config DeliveryChannel
{'DeliveryChannels': {'s3KmsKeyArn': 'string'}}
Returns details about the specified delivery channel. If a delivery channel is not specified, this action returns the details of all delivery channels associated with the account.
Note
Currently, you can specify only one delivery channel per region in your account.
See also: AWS API Documentation
Request Syntax
client.describe_delivery_channels(
DeliveryChannelNames=[
'string',
]
)
list
A list of delivery channel names.
(string) --
dict
Response Syntax
{
'DeliveryChannels': [
{
'name': 'string',
's3BucketName': 'string',
's3KeyPrefix': 'string',
's3KmsKeyArn': 'string',
'snsTopicARN': 'string',
'configSnapshotDeliveryProperties': {
'deliveryFrequency': 'One_Hour'|'Three_Hours'|'Six_Hours'|'Twelve_Hours'|'TwentyFour_Hours'
}
},
]
}
Response Structure
(dict) --
The output for the DescribeDeliveryChannels action.
DeliveryChannels (list) --
A list that contains the descriptions of the specified delivery channel.
(dict) --
The channel through which AWS Config delivers notifications and updated configuration states.
name (string) --
The name of the delivery channel. By default, AWS Config assigns the name "default" when creating the delivery channel. To change the delivery channel name, you must use the DeleteDeliveryChannel action to delete your current delivery channel, and then you must use the PutDeliveryChannel command to create a delivery channel that has the desired name.
s3BucketName (string) --
The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
If you specify a bucket that belongs to another AWS account, that bucket must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon S3 Bucket in the AWS Config Developer Guide.
s3KeyPrefix (string) --
The prefix for the specified Amazon S3 bucket.
s3KmsKeyArn (string) --
The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) customer managed key (CMK) used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.
snsTopicARN (string) --
The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
If you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon SNS Topic in the AWS Config Developer Guide.
configSnapshotDeliveryProperties (dict) --
The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.
deliveryFrequency (string) --
The frequency with which AWS Config delivers configuration snapshots.
{'DeliveryChannel': {'s3KmsKeyArn': 'string'}}
Creates a delivery channel object to deliver configuration information to an Amazon S3 bucket and Amazon SNS topic.
Before you can create a delivery channel, you must create a configuration recorder.
You can use this action to change the Amazon S3 bucket or an Amazon SNS topic of the existing delivery channel. To change the Amazon S3 bucket or an Amazon SNS topic, call this action and specify the changed values for the S3 bucket and the SNS topic. If you specify a different value for either the S3 bucket or the SNS topic, this action will keep the existing value for the parameter that is not changed.
Note
You can have only one delivery channel per region in your account.
See also: AWS API Documentation
Request Syntax
client.put_delivery_channel(
DeliveryChannel={
'name': 'string',
's3BucketName': 'string',
's3KeyPrefix': 'string',
's3KmsKeyArn': 'string',
'snsTopicARN': 'string',
'configSnapshotDeliveryProperties': {
'deliveryFrequency': 'One_Hour'|'Three_Hours'|'Six_Hours'|'Twelve_Hours'|'TwentyFour_Hours'
}
}
)
dict
[REQUIRED]
The configuration delivery channel object that delivers the configuration information to an Amazon S3 bucket and to an Amazon SNS topic.
name (string) --
The name of the delivery channel. By default, AWS Config assigns the name "default" when creating the delivery channel. To change the delivery channel name, you must use the DeleteDeliveryChannel action to delete your current delivery channel, and then you must use the PutDeliveryChannel command to create a delivery channel that has the desired name.
s3BucketName (string) --
The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
If you specify a bucket that belongs to another AWS account, that bucket must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon S3 Bucket in the AWS Config Developer Guide.
s3KeyPrefix (string) --
The prefix for the specified Amazon S3 bucket.
s3KmsKeyArn (string) --
The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) customer managed key (CMK) used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.
snsTopicARN (string) --
The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
If you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config. For more information, see Permissions for the Amazon SNS Topic in the AWS Config Developer Guide.
configSnapshotDeliveryProperties (dict) --
The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.
deliveryFrequency (string) --
The frequency with which AWS Config delivers configuration snapshots.
None