L1 Construct: `AWS::IoT::AccountAuditConfiguration`

CfnAccountAuditConfiguration

Use the `AWS::IoT::AccountAuditConfiguration` resource to configure or reconfigure the Device Defender audit settings for your account. Settings include how audit notifications are sent and which audit checks are enabled or disabled. For the API reference, see [UpdateAccountAuditConfiguration](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAccountAuditConfiguration.html); for detailed information on all available audit checks, see [Audit checks](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-audit-checks.html).

Import

```ts
import { CfnAccountAuditConfiguration } from 'aws-cdk-lib/aws-iot';
```

Or use the module namespace:

```ts
import * as iot from 'aws-cdk-lib/aws-iot';
// iot.CfnAccountAuditConfiguration
```

Properties

Configuration passed to the constructor as CfnAccountAuditConfigurationProps.

accountId (Required)
string

The ID of the account. You can use the expression `!Sub "${AWS::AccountId}"` to use your account ID.

auditCheckConfigurations (Required)
IResolvable | AuditCheckConfigurationsProperty

Specifies which audit checks are enabled and disabled for this account. Some data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false`. If an enabled check is removed from the template, it will also be disabled. You can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check. For more information on available audit checks, see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html).

roleArn (Required)
string

The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.

auditNotificationTargetConfigurations (Optional)
IResolvable | AuditNotificationTargetConfigurationsProperty

Information about the targets to which audit notifications are sent.
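
The `auditCheckConfigurations` description above says a check is disabled, and its collected data deleted, both when it is set to `false` and when it is simply dropped from the template, and that a check used by a scheduled audit cannot be disabled. The following pre-deploy guard is an added example, not part of the original page or of aws-cdk-lib: `CheckMap`, `planDisables` and the sample data are hypothetical, and the scheduled-audit list is assumed to use the same key spelling as the check map.

```typescript
// Added example. CheckMap is a local stand-in for the shape of
// AuditCheckConfigurationsProperty (check name -> { enabled }), so the guard
// runs without aws-cdk-lib installed.
type CheckMap = Record<string, { enabled: boolean } | undefined>;

interface DisablePlan {
  willDisable: string[]; // checks whose collected data would be deleted
  blocked: string[];     // checks still referenced by a scheduled audit
}

// Names of the checks that are enabled in a configuration, sorted.
function enabledChecks(cfg: CheckMap): string[] {
  return Object.keys(cfg).filter((name) => cfg[name]?.enabled === true).sort();
}

// Compare the deployed configuration with the one about to be synthesized.
// A check counts as disabled when it is set to enabled: false OR when it was
// enabled before and is simply missing from the new configuration.
function planDisables(
  deployed: CheckMap,
  next: CheckMap,
  usedByScheduledAudits: string[], // assumption: same key spelling as CheckMap
): DisablePlan {
  const stillOn = new Set(enabledChecks(next));
  const inUse = new Set(usedByScheduledAudits);
  const willDisable = enabledChecks(deployed).filter((n) => !stillOn.has(n));
  return { willDisable, blocked: willDisable.filter((n) => inUse.has(n)) };
}

// Constructed sample data (not taken from a real account).
const deployedChecks: CheckMap = {
  loggingDisabledCheck: { enabled: true },
  deviceCertificateExpiringCheck: { enabled: true },
  iotPolicyOverlyPermissiveCheck: { enabled: true },
};
const nextChecks: CheckMap = {
  loggingDisabledCheck: { enabled: true },
  deviceCertificateExpiringCheck: { enabled: false }, // explicit disable
  // iotPolicyOverlyPermissiveCheck omitted: disabled by removal
};
const plan = planDisables(deployedChecks, nextChecks, ["iotPolicyOverlyPermissiveCheck"]);
console.log(plan);
// nextChecks is what would be passed as `auditCheckConfigurations` to
// new iot.CfnAccountAuditConfiguration(...) once plan.blocked is empty.
```

Run it in CI before `cdk deploy`: a non-empty `willDisable` marks audit data that is about to be deleted, and a non-empty `blocked` marks checks that must first be removed from their scheduled audits.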

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.
