AWS.IoT (aws-elixir v0.8.0) View Source

AWS IoT

AWS IoT provides secure, bi-directional communication between Internet-connected devices (such as sensors, actuators, embedded devices, or smart appliances) and the AWS cloud.

You can discover your custom IoT-Data endpoint to communicate with, configure rules for data processing and integration with other services, organize resources associated with each device (Registry), configure logging, and create and manage policies and credentials to authenticate devices.

The service endpoints that expose this API are listed in AWS IoT Core Endpoints and Quotas. You must use the endpoint for the region that has the resources you want to access.

The service name used by AWS Signature Version 4 to sign the request is: execute-api.

For more information about how AWS IoT works, see the Developer Guide.

For information about how to use the credentials provider for AWS IoT, see Authorizing Direct Calls to AWS Services.

Link to this section Summary

Functions

Associates a group with a continuous job.

Attaches a policy to the specified target.

Attaches the specified policy to the specified principal (certificate or other credential).

Associates a Device Defender security profile with a thing group or this account.

Attaches the specified principal to the specified thing.

Cancels a mitigation action task that is in progress.

Cancels an audit that is in progress.

Cancels a pending transfer for the specified certificate.

Cancels a Device Defender ML Detect mitigation action.

Cancels the execution of a job for a given thing.

Creates a Device Defender audit suppression.

Creates an X.509 certificate using the specified certificate signing request.

Use this API to define a Custom Metric published by your devices to Device Defender.

Create a dimension that you can use to limit the scope of a metric used in a security profile for AWS IoT Device Defender.

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.

Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask.

Creates an AWS IoT OTAUpdate on a target group of things or groups.

Creates a new version of the specified AWS IoT policy.

Creates a fleet provisioning template.

Creates a new version of a fleet provisioning template.

Creates a scheduled audit that is run at a specified time interval.

Creates a stream for delivering one or more large files in chunks over MQTT.

Creates a thing record in the registry.

Restores the default settings for Device Defender audits for this account.

Deletes a Device Defender audit suppression.

Before you can delete a custom metric, you must first remove the custom metric from all security profiles it's a part of.

Removes the specified dimension from your AWS account.

Deletes a job and its related job executions.

Deletes a defined mitigation action from your AWS account.

Deletes the specified version of the specified policy.

Deletes a CA certificate registration code.

Gets information about the Device Defender audit settings for this account.

Gets information about a single audit finding.

Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings.

Gets information about a Device Defender audit suppression.

Gets information about a Device Defender audit.

Returns information about a billing group.

Gets information about the specified certificate.

Gets information about a Device Defender detect custom metric.

Describes the default authorizer.

Gets information about a Device Defender ML Detect mitigation action.

Provides details about a dimension that is defined in your AWS account.

Gets summary information about a domain configuration.

Returns a unique endpoint specific to the AWS account making the call.

Returns information about a job template.

Gets information about a mitigation action.

Returns information about a fleet provisioning template.

Returns information about a fleet provisioning template version.

Gets information about a Device Defender security profile.

Gets information about a stream.

Gets information about the specified thing.

Describes a bulk thing provisioning task.

Gets information about the specified thing type.

Detaches a policy from the specified target.

Removes the specified policy from the specified certificate.

Disassociates a Device Defender security profile from a thing group or from this account.

Detaches the specified principal from the specified thing.

Returns the approximate count of unique values that match the query.

Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.

Gets the indexing configuration.

Gets the logging options.

Groups the aggregated values that match the query into percentile groupings.

Gets information about the specified policy with the policy document of the default version.

Gets information about the specified policy version.

Gets a registration code used to register a CA certificate with AWS IoT.

Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field.

Gets information about the rule.

Gets information about a topic rule destination.

Gets the fine grained logging options.

Lists the policies attached to the specified thing group.

Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period.

Lists your Device Defender audit listings.

List the set of dimensions that are defined for your AWS account.

Gets a list of all mitigation actions that match the specified filter criteria.

Lists the versions of the specified policy and identifies the default version.

Lists the fleet provisioning templates in your AWS account.

Lists the tags (metadata) you have assigned to the resource.

Lists the targets (thing groups) associated with a given Device Defender security profile.

Lists all the topic rule destinations in your AWS account.

Registers a CA certificate with AWS IoT.

Registers a device certificate with AWS IoT.

Register a certificate that does not have a certificate authority (CA).

Provisions a thing in the device registry.

Removes the given thing from the billing group.

Remove the specified thing from the specified group.

Sets the specified version of the specified policy as the policy's default (operative) version.

Sets the logging options for the V2 logging service.

Starts a task that applies a set of mitigation actions to the specified target.

Starts a Device Defender ML Detect mitigation actions task.

Starts an on-demand Device Defender audit.

Creates a bulk thing provisioning task.

Adds to or modifies the tags of the given resource.

Tests if a specified principal is authorized to perform an AWS IoT action on a specified resource.

Tests a custom authorization behavior by invoking a specified custom authorizer.

Transfers the specified certificate to the specified AWS account.

Removes the given tags (metadata) from the resource.

Configures or reconfigures the Device Defender audit settings for this account.

Updates a Device Defender audit suppression.

Updates information about the billing group.

Updates the status of the specified certificate.

Updates a Device Defender detect custom metric.

Updates the definition for a dimension.

Updates supported fields of the specified job.

Updates the definition for the specified mitigation action.

Updates a scheduled audit, including which checks are performed and how often the audit takes place.

Updates the groups to which the thing belongs.

Validates a Device Defender security profile behaviors specification.

Link to this section Functions

Link to this function

accept_certificate_transfer(client, certificate_id, input, options \\ [])

View Source

Accepts a pending certificate transfer.

The default state of the certificate is INACTIVE.

To check for pending certificate transfers, call ListCertificates to enumerate your certificates.

Link to this function

add_thing_to_billing_group(client, input, options \\ [])

View Source

Adds a thing to a billing group.

Link to this function

add_thing_to_thing_group(client, input, options \\ [])

View Source

Adds a thing to a thing group.

Link to this function

associate_targets_with_job(client, job_id, input, options \\ [])

View Source

Associates a group with a continuous job.

The following criteria must be met:

  • The job must have been created with the targetSelection field set to "CONTINUOUS".

  • The job status must currently be "IN_PROGRESS".

  • The total number of targets associated with a job must not exceed 100.

Link to this function

attach_policy(client, policy_name, input, options \\ [])

View Source

Attaches a policy to the specified target.

Link to this function

attach_principal_policy(client, policy_name, input, options \\ [])

View Source

Attaches the specified policy to the specified principal (certificate or other credential).

Note: This API is deprecated. Please use AttachPolicy instead.

Link to this function

attach_security_profile(client, security_profile_name, input, options \\ [])

View Source

Associates a Device Defender security profile with a thing group or this account.

Each thing group or account can have up to five security profiles associated with it.

Link to this function

attach_thing_principal(client, thing_name, input, options \\ [])

View Source

Attaches the specified principal to the specified thing.

A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Link to this function

cancel_audit_mitigation_actions_task(client, task_id, input, options \\ [])

View Source

Cancels a mitigation action task that is in progress.

If the task is not in progress, an InvalidRequestException occurs.

Link to this function

cancel_audit_task(client, task_id, input, options \\ [])

View Source

Cancels an audit that is in progress.

The audit can be either scheduled or on demand. If the audit isn't in progress, an "InvalidRequestException" occurs.

Link to this function

cancel_certificate_transfer(client, certificate_id, input, options \\ [])

View Source

Cancels a pending transfer for the specified certificate.

Note Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer instead.) After transfer, AWS IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled.

After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE.

Link to this function

cancel_detect_mitigation_actions_task(client, task_id, input, options \\ [])

View Source

Cancels a Device Defender ML Detect mitigation action.

Link to this function

cancel_job(client, job_id, input, options \\ [])

View Source

Cancels a job.

Link to this function

cancel_job_execution(client, job_id, thing_name, input, options \\ [])

View Source

Cancels the execution of a job for a given thing.

Link to this function

clear_default_authorizer(client, input, options \\ [])

View Source

Clears the default authorizer.

Link to this function

confirm_topic_rule_destination(client, confirmation_token, options \\ [])

View Source

Confirms a topic rule destination.

When you create a rule requiring a destination, AWS IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination to confirm that you own or have access to the endpoint.

Link to this function

create_audit_suppression(client, input, options \\ [])

View Source

Creates a Device Defender audit suppression.

Link to this function

create_authorizer(client, authorizer_name, input, options \\ [])

View Source

Creates an authorizer.

Link to this function

create_billing_group(client, billing_group_name, input, options \\ [])

View Source

Creates a billing group.

Link to this function

create_certificate_from_csr(client, input, options \\ [])

View Source

Creates an X.509 certificate using the specified certificate signing request.

Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.

Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.

You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.

Assuming a set of CSRs are located inside of the directory my-csr-directory:

On Linux and OS X, the command is:

$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.

The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:

$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:

ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}

On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:

forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path"

Link to this function

create_custom_metric(client, metric_name, input, options \\ [])

View Source

Use this API to define a Custom Metric published by your devices to Device Defender.

Link to this function

create_dimension(client, name, input, options \\ [])

View Source

Create a dimension that you can use to limit the scope of a metric used in a security profile for AWS IoT Device Defender.

For example, using a TOPIC_FILTER dimension, you can narrow down the scope of the metric only to MQTT topics whose name match the pattern specified in the dimension.

Link to this function

create_domain_configuration(client, domain_configuration_name, input, options \\ [])

View Source

Creates a domain configuration.

Link to this function

create_dynamic_thing_group(client, thing_group_name, input, options \\ [])

View Source

Creates a dynamic thing group.

Link to this function

create_job(client, job_id, input, options \\ [])

View Source

Creates a job.

Link to this function

create_job_template(client, job_template_id, input, options \\ [])

View Source

Creates a job template.

Link to this function

create_keys_and_certificate(client, input, options \\ [])

View Source

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.

You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Note This is the only time AWS IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Link to this function

create_mitigation_action(client, action_name, input, options \\ [])

View Source

Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask.

Only certain types of mitigation actions can be applied to specific check names. For more information, see Mitigation actions. Each mitigation action can apply only one type of change.

Link to this function

create_ota_update(client, ota_update_id, input, options \\ [])

View Source

Creates an AWS IoT OTAUpdate on a target group of things or groups.

Link to this function

create_policy(client, policy_name, input, options \\ [])

View Source

Creates an AWS IoT policy.

The created policy is the default version for the policy. This operation creates a policy version with a version identifier of 1 and sets 1 as the policy's default version.

Link to this function

create_policy_version(client, policy_name, input, options \\ [])

View Source

Creates a new version of the specified AWS IoT policy.

To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion to delete an existing version before you create a new one.

Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached).

Link to this function

create_provisioning_claim(client, template_name, input, options \\ [])

View Source

Creates a provisioning claim.

Link to this function

create_provisioning_template(client, input, options \\ [])

View Source

Creates a fleet provisioning template.

Link to this function

create_provisioning_template_version(client, template_name, input, options \\ [])

View Source

Creates a new version of a fleet provisioning template.

Link to this function

create_role_alias(client, role_alias, input, options \\ [])

View Source

Creates a role alias.

Link to this function

create_scheduled_audit(client, scheduled_audit_name, input, options \\ [])

View Source

Creates a scheduled audit that is run at a specified time interval.

Link to this function

create_security_profile(client, security_profile_name, input, options \\ [])

View Source

Creates a Device Defender security profile.

Link to this function

create_stream(client, stream_id, input, options \\ [])

View Source

Creates a stream for delivering one or more large files in chunks over MQTT.

A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream.

Link to this function

create_thing(client, thing_name, input, options \\ [])

View Source

Creates a thing record in the registry.

If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a ResourceAlreadyExistsException is thrown.

This is a control plane operation. See Authorization for information about authorizing control plane actions.

Link to this function

create_thing_group(client, thing_group_name, input, options \\ [])

View Source

Create a thing group.

This is a control plane operation. See Authorization for information about authorizing control plane actions.

Link to this function

create_thing_type(client, thing_type_name, input, options \\ [])

View Source

Creates a new thing type.

Link to this function

create_topic_rule(client, rule_name, input, options \\ [])

View Source

Creates a rule.

Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.

Link to this function

create_topic_rule_destination(client, input, options \\ [])

View Source

Creates a topic rule destination.

The destination must be confirmed prior to use.

Link to this function

delete_account_audit_configuration(client, input, options \\ [])

View Source

Restores the default settings for Device Defender audits for this account.

Any configuration data you entered is deleted and all audit checks are reset to disabled.

Link to this function

delete_audit_suppression(client, input, options \\ [])

View Source

Deletes a Device Defender audit suppression.

Link to this function

delete_authorizer(client, authorizer_name, input, options \\ [])

View Source

Deletes an authorizer.

Link to this function

delete_billing_group(client, billing_group_name, input, options \\ [])

View Source

Deletes the billing group.

Link to this function

delete_ca_certificate(client, certificate_id, input, options \\ [])

View Source

Deletes a registered CA certificate.

Link to this function

delete_certificate(client, certificate_id, input, options \\ [])

View Source

Deletes the specified certificate.

A certificate cannot be deleted if it has a policy or IoT thing attached to it or if its status is set to ACTIVE. To delete a certificate, first use the DetachPrincipalPolicy API to detach all policies. Next, use the UpdateCertificate API to set the certificate to the INACTIVE status.

Link to this function

delete_custom_metric(client, metric_name, input, options \\ [])

View Source

Before you can delete a custom metric, you must first remove the custom metric from all security profiles it's a part of.

The security profile associated with the custom metric can be found using the ListSecurityProfiles API with metricName set to your custom metric name.

Deletes a Device Defender detect custom metric.

Link to this function

delete_dimension(client, name, input, options \\ [])

View Source

Removes the specified dimension from your AWS account.

Link to this function

delete_domain_configuration(client, domain_configuration_name, input, options \\ [])

View Source

Deletes the specified domain configuration.

Link to this function

delete_dynamic_thing_group(client, thing_group_name, input, options \\ [])

View Source

Deletes a dynamic thing group.

Link to this function

delete_job(client, job_id, input, options \\ [])

View Source

Deletes a job and its related job executions.

Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error.

Only 10 jobs may have status "DELETION_IN_PROGRESS" at the same time, or a LimitExceededException will occur.

Link to this function

delete_job_execution(client, execution_number, job_id, thing_name, input, options \\ [])

View Source

Deletes a job execution.

Link to this function

delete_job_template(client, job_template_id, input, options \\ [])

View Source

Deletes the specified job template.

Link to this function

delete_mitigation_action(client, action_name, input, options \\ [])

View Source

Deletes a defined mitigation action from your AWS account.

Link to this function

delete_ota_update(client, ota_update_id, input, options \\ [])

View Source

Delete an OTA update.

Link to this function

delete_policy(client, policy_name, input, options \\ [])

View Source

Deletes the specified policy.

A policy cannot be deleted if it has non-default versions or it is attached to any certificate.

To delete a policy, use the DeletePolicyVersion API to delete all non-default versions of the policy; use the DetachPrincipalPolicy API to detach the policy from any certificate; and then use the DeletePolicy API to delete the policy.

When a policy is deleted using DeletePolicy, its default version is deleted with it.

Link to this function

delete_policy_version(client, policy_name, policy_version_id, input, options \\ [])

View Source

Deletes the specified version of the specified policy.

You cannot delete the default version of a policy using this API. To delete the default version of a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

Link to this function

delete_provisioning_template(client, template_name, input, options \\ [])

View Source

Deletes a fleet provisioning template.

Link to this function

delete_provisioning_template_version(client, template_name, version_id, input, options \\ [])

View Source

Deletes a fleet provisioning template version.

Link to this function

delete_registration_code(client, input, options \\ [])

View Source

Deletes a CA certificate registration code.

Link to this function

delete_role_alias(client, role_alias, input, options \\ [])

View Source

Deletes a role alias

Link to this function

delete_scheduled_audit(client, scheduled_audit_name, input, options \\ [])

View Source

Deletes a scheduled audit.

Link to this function

delete_security_profile(client, security_profile_name, input, options \\ [])

View Source

Deletes a Device Defender security profile.

Link to this function

delete_stream(client, stream_id, input, options \\ [])

View Source

Deletes a stream.

Link to this function

delete_thing(client, thing_name, input, options \\ [])

View Source

Deletes the specified thing.

Returns successfully with no error if the deletion is successful or you specify a thing that doesn't exist.

Link to this function

delete_thing_group(client, thing_group_name, input, options \\ [])

View Source

Deletes a thing group.

Link to this function

delete_thing_type(client, thing_type_name, input, options \\ [])

View Source

Deletes the specified thing type.

You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType, then remove any associated things by calling UpdateThing to change the thing type on any associated thing, and finally use DeleteThingType to delete the thing type.

Link to this function

delete_topic_rule(client, rule_name, input, options \\ [])

View Source

Deletes the rule.

Link to this function

delete_topic_rule_destination(client, arn, input, options \\ [])

View Source

Deletes a topic rule destination.

Link to this function

delete_v2_logging_level(client, input, options \\ [])

View Source

Deletes a logging level.

Link to this function

deprecate_thing_type(client, thing_type_name, input, options \\ [])

View Source

Deprecates a thing type.

You can not associate new things with deprecated thing type.

Link to this function

describe_account_audit_configuration(client, options \\ [])

View Source

Gets information about the Device Defender audit settings for this account.

Settings include how audit notifications are sent and which audit checks are enabled or disabled.

Link to this function

describe_audit_finding(client, finding_id, options \\ [])

View Source

Gets information about a single audit finding.

Properties include the reason for noncompliance, the severity of the issue, and the start time when the audit that returned the finding.

Link to this function

describe_audit_mitigation_actions_task(client, task_id, options \\ [])

View Source

Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings.

Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics.

Link to this function

describe_audit_suppression(client, input, options \\ [])

View Source

Gets information about a Device Defender audit suppression.

Link to this function

describe_audit_task(client, task_id, options \\ [])

View Source

Gets information about a Device Defender audit.

Link to this function

describe_authorizer(client, authorizer_name, options \\ [])

View Source

Describes an authorizer.

Link to this function

describe_billing_group(client, billing_group_name, options \\ [])

View Source

Returns information about a billing group.

Link to this function

describe_ca_certificate(client, certificate_id, options \\ [])

View Source

Describes a registered CA certificate.

Link to this function

describe_certificate(client, certificate_id, options \\ [])

View Source

Gets information about the specified certificate.

Link to this function

describe_custom_metric(client, metric_name, options \\ [])

View Source

Gets information about a Device Defender detect custom metric.

Link to this function

describe_default_authorizer(client, options \\ [])

View Source

Describes the default authorizer.

Link to this function

describe_detect_mitigation_actions_task(client, task_id, options \\ [])

View Source

Gets information about a Device Defender ML Detect mitigation action.

Link to this function

describe_dimension(client, name, options \\ [])

View Source

Provides details about a dimension that is defined in your AWS account.

Link to this function

describe_domain_configuration(client, domain_configuration_name, options \\ [])

View Source

Gets summary information about a domain configuration.

Link to this function

describe_endpoint(client, endpoint_type \\ nil, options \\ [])

View Source

Returns a unique endpoint specific to the AWS account making the call.

Link to this function

describe_event_configurations(client, options \\ [])

View Source

Describes event configurations.

Link to this function

describe_index(client, index_name, options \\ [])

View Source

Describes a search index.

Link to this function

describe_job(client, job_id, options \\ [])

View Source

Describes a job.

Link to this function

describe_job_execution(client, job_id, thing_name, execution_number \\ nil, options \\ [])

View Source

Describes a job execution.

Link to this function

describe_job_template(client, job_template_id, options \\ [])

View Source

Returns information about a job template.

Link to this function

describe_mitigation_action(client, action_name, options \\ [])

View Source

Gets information about a mitigation action.

Link to this function

describe_provisioning_template(client, template_name, options \\ [])

View Source

Returns information about a fleet provisioning template.

Link to this function

describe_provisioning_template_version(client, template_name, version_id, options \\ [])

View Source

Returns information about a fleet provisioning template version.

Link to this function

describe_role_alias(client, role_alias, options \\ [])

View Source

Describes a role alias.

Link to this function

describe_scheduled_audit(client, scheduled_audit_name, options \\ [])

View Source

Gets information about a scheduled audit.

Link to this function

describe_security_profile(client, security_profile_name, options \\ [])

View Source

Gets information about a Device Defender security profile.

Link to this function

describe_stream(client, stream_id, options \\ [])

View Source

Gets information about a stream.

Link to this function

describe_thing(client, thing_name, options \\ [])

View Source

Gets information about the specified thing.

Link to this function

describe_thing_group(client, thing_group_name, options \\ [])

View Source

Describe a thing group.

Link to this function

describe_thing_registration_task(client, task_id, options \\ [])

View Source

Describes a bulk thing provisioning task.

Link to this function

describe_thing_type(client, thing_type_name, options \\ [])

View Source

Gets information about the specified thing type.

Link to this function

detach_policy(client, policy_name, input, options \\ [])

View Source

Detaches a policy from the specified target.

Link to this function

detach_principal_policy(client, policy_name, input, options \\ [])

View Source

Removes the specified policy from the specified certificate.

Note: This API is deprecated. Please use DetachPolicy instead.

Link to this function

detach_security_profile(client, security_profile_name, input, options \\ [])

View Source

Disassociates a Device Defender security profile from a thing group or from this account.

Link to this function

detach_thing_principal(client, thing_name, input, options \\ [])

View Source

Detaches the specified principal from the specified thing.

A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

This call is asynchronous. It might take several seconds for the detachment to propagate.

Link to this function

disable_topic_rule(client, rule_name, input, options \\ [])

View Source

Disables the rule.

Link to this function

enable_topic_rule(client, rule_name, input, options \\ [])

View Source

Enables the rule.

Link to this function

get_behavior_model_training_summaries(client, max_results \\ nil, next_token \\ nil, security_profile_name \\ nil, options \\ [])

View Source

Returns a Device Defender's ML Detect Security Profile training model's status.

Link to this function

get_cardinality(client, input, options \\ [])

View Source

Returns the approximate count of unique values that match the query.

Link to this function

get_effective_policies(client, input, options \\ [])

View Source

Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.

Link to this function

get_indexing_configuration(client, options \\ [])

View Source

Gets the indexing configuration.

Link to this function

get_job_document(client, job_id, options \\ [])

View Source

Gets a job document.

Link to this function

get_logging_options(client, options \\ [])

View Source

Gets the logging options.

NOTE: use of this command is not recommended. Use GetV2LoggingOptions instead.

Link to this function

get_ota_update(client, ota_update_id, options \\ [])

View Source

Gets an OTA update.

Link to this function

get_percentiles(client, input, options \\ [])

View Source

Groups the aggregated values that match the query into percentile groupings.

The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group "1" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group "5" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values.

Link to this function

get_policy(client, policy_name, options \\ [])

View Source

Gets information about the specified policy with the policy document of the default version.

Link to this function

get_policy_version(client, policy_name, policy_version_id, options \\ [])

View Source

Gets information about the specified policy version.

Link to this function

get_registration_code(client, options \\ [])

View Source

Gets a registration code used to register a CA certificate with AWS IoT.

Link to this function

get_statistics(client, input, options \\ [])

View Source

Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field.

If the aggregation field is of type String, only the count statistic is returned.

Link to this function

get_topic_rule(client, rule_name, options \\ [])

View Source

Gets information about the rule.

Link to this function

get_topic_rule_destination(client, arn, options \\ [])

View Source

Gets information about a topic rule destination.

Link to this function

get_v2_logging_options(client, options \\ [])

View Source

Gets the fine grained logging options.

Link to this function

list_active_violations(client, behavior_criteria_type \\ nil, list_suppressed_alerts \\ nil, max_results \\ nil, next_token \\ nil, security_profile_name \\ nil, thing_name \\ nil, options \\ [])

View Source

Lists the active violations for a given Device Defender security profile.

Link to this function

list_attached_policies(client, target, input, options \\ [])

View Source

Lists the policies attached to the specified thing group.

Link to this function

list_audit_findings(client, input, options \\ [])

View Source

Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period.

(Findings are retained for 90 days.)

Link to this function

list_audit_mitigation_actions_executions(client, action_status \\ nil, finding_id, max_results \\ nil, next_token \\ nil, task_id, options \\ [])

View Source

Gets the status of audit mitigation action tasks that were executed.

Link to this function

list_audit_mitigation_actions_tasks(client, audit_task_id \\ nil, end_time, finding_id \\ nil, max_results \\ nil, next_token \\ nil, start_time, task_status \\ nil, options \\ [])

View Source

Gets a list of audit mitigation action tasks that match the specified filters.

Link to this function

list_audit_suppressions(client, input, options \\ [])

View Source

Lists your Device Defender audit listings.

Link to this function

list_audit_tasks(client, end_time, max_results \\ nil, next_token \\ nil, start_time, task_status \\ nil, task_type \\ nil, options \\ [])

View Source

Lists the Device Defender audits that have been performed during a given time period.

Link to this function

list_authorizers(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, status \\ nil, options \\ [])

View Source

Lists the authorizers registered in your account.

Link to this function

list_billing_groups(client, max_results \\ nil, name_prefix_filter \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the billing groups you have created.

Link to this function

list_ca_certificates(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

Lists the CA certificates registered for your AWS account.

The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.

Link to this function

list_certificates(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

Lists the certificates registered in your AWS account.

The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.

Link to this function

list_certificates_by_ca(client, ca_certificate_id, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

List the device certificates signed by the specified CA certificate.

Link to this function

list_custom_metrics(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists your Device Defender detect custom metrics.

Link to this function

list_detect_mitigation_actions_executions(client, end_time \\ nil, max_results \\ nil, next_token \\ nil, start_time \\ nil, task_id \\ nil, thing_name \\ nil, violation_id \\ nil, options \\ [])

View Source

Lists mitigation actions executions for a Device Defender ML Detect Security Profile.

Link to this function

list_detect_mitigation_actions_tasks(client, end_time, max_results \\ nil, next_token \\ nil, start_time, options \\ [])

View Source

List of Device Defender ML Detect mitigation actions tasks.

Link to this function

list_dimensions(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

List the set of dimensions that are defined for your AWS account.

Link to this function

list_domain_configurations(client, marker \\ nil, page_size \\ nil, service_type \\ nil, options \\ [])

View Source

Gets a list of domain configurations for the user.

This list is sorted alphabetically by domain configuration name.

Link to this function

list_indices(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the search indices.

Link to this function

list_job_executions_for_job(client, job_id, max_results \\ nil, next_token \\ nil, status \\ nil, options \\ [])

View Source

Lists the job executions for a job.

Link to this function

list_job_executions_for_thing(client, thing_name, max_results \\ nil, namespace_id \\ nil, next_token \\ nil, status \\ nil, options \\ [])

View Source

Lists the job executions for the specified thing.

Link to this function

list_job_templates(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Returns a list of job templates.

Link to this function

list_jobs(client, max_results \\ nil, namespace_id \\ nil, next_token \\ nil, status \\ nil, target_selection \\ nil, thing_group_id \\ nil, thing_group_name \\ nil, options \\ [])

View Source

Lists jobs.

Link to this function

list_mitigation_actions(client, action_type \\ nil, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Gets a list of all mitigation actions that match the specified filter criteria.

Link to this function

list_ota_updates(client, max_results \\ nil, next_token \\ nil, ota_update_status \\ nil, options \\ [])

View Source

Lists OTA updates.

Link to this function

list_outgoing_certificates(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

Lists certificates that are being transferred but not yet accepted.

Link to this function

list_policies(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

Lists your policies.

Link to this function

list_policy_principals(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, policy_name, options \\ [])

View Source

Lists the principals associated with the specified policy.

Note: This API is deprecated. Please use ListTargetsForPolicy instead.

Link to this function

list_policy_versions(client, policy_name, options \\ [])

View Source

Lists the versions of the specified policy and identifies the default version.

Link to this function

list_principal_policies(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, principal, options \\ [])

View Source

Lists the policies attached to the specified principal.

If you use an Cognito identity, the ID must be in AmazonCognito Identity format.

Note: This API is deprecated. Please use ListAttachedPolicies instead.

Link to this function

list_principal_things(client, max_results \\ nil, next_token \\ nil, principal, options \\ [])

View Source

Lists the things associated with the specified principal.

A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Link to this function

list_provisioning_template_versions(client, template_name, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

A list of fleet provisioning template versions.

Link to this function

list_provisioning_templates(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the fleet provisioning templates in your AWS account.

Link to this function

list_role_aliases(client, ascending_order \\ nil, marker \\ nil, page_size \\ nil, options \\ [])

View Source

Lists the role aliases registered in your account.

Link to this function

list_scheduled_audits(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists all of your scheduled audits.

Link to this function

list_security_profiles(client, dimension_name \\ nil, max_results \\ nil, metric_name \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the Device Defender security profiles you've created.

You can filter security profiles by dimension or custom metric.

dimensionName and metricName cannot be used in the same request.

Link to this function

list_security_profiles_for_target(client, max_results \\ nil, next_token \\ nil, recursive \\ nil, security_profile_target_arn, options \\ [])

View Source

Lists the Device Defender security profiles attached to a target (thing group).

Link to this function

list_streams(client, ascending_order \\ nil, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists all of the streams in your AWS account.

Link to this function

list_tags_for_resource(client, next_token \\ nil, resource_arn, options \\ [])

View Source

Lists the tags (metadata) you have assigned to the resource.

Link to this function

list_targets_for_policy(client, policy_name, input, options \\ [])

View Source

List targets for the specified policy.

Link to this function

list_targets_for_security_profile(client, security_profile_name, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the targets (thing groups) associated with a given Device Defender security profile.

Link to this function

list_thing_groups(client, max_results \\ nil, name_prefix_filter \\ nil, next_token \\ nil, parent_group \\ nil, recursive \\ nil, options \\ [])

View Source

List the thing groups in your account.

Link to this function

list_thing_groups_for_thing(client, thing_name, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

List the thing groups to which the specified thing belongs.

Link to this function

list_thing_principals(client, thing_name, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the principals associated with the specified thing.

A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Link to this function

list_thing_registration_task_reports(client, task_id, max_results \\ nil, next_token \\ nil, report_type, options \\ [])

View Source

Information about the thing registration tasks.

Link to this function

list_thing_registration_tasks(client, max_results \\ nil, next_token \\ nil, status \\ nil, options \\ [])

View Source

List bulk thing provisioning tasks.

Link to this function

list_thing_types(client, max_results \\ nil, next_token \\ nil, thing_type_name \\ nil, options \\ [])

View Source

Lists the existing thing types.

Link to this function

list_things(client, attribute_name \\ nil, attribute_value \\ nil, max_results \\ nil, next_token \\ nil, thing_type_name \\ nil, use_prefix_attribute_value \\ nil, options \\ [])

View Source

Lists your things.

Use the attributeName and attributeValue parameters to filter your things. For example, calling ListThings with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute Color with the value Red.

You will not be charged for calling this API if an Access denied error is returned. You will also not be charged if no attributes or pagination token was provided in request and no pagination token and no results were returned.

Link to this function

list_things_in_billing_group(client, billing_group_name, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists the things you have added to the given billing group.

Link to this function

list_things_in_thing_group(client, thing_group_name, max_results \\ nil, next_token \\ nil, recursive \\ nil, options \\ [])

View Source

Lists the things in the specified group.

Link to this function

list_topic_rule_destinations(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Lists all the topic rule destinations in your AWS account.

Link to this function

list_topic_rules(client, max_results \\ nil, next_token \\ nil, rule_disabled \\ nil, topic \\ nil, options \\ [])

View Source

Lists the rules for the specific topic.

Link to this function

list_v2_logging_levels(client, max_results \\ nil, next_token \\ nil, target_type \\ nil, options \\ [])

View Source

Lists logging levels.

Link to this function

list_violation_events(client, behavior_criteria_type \\ nil, end_time, list_suppressed_alerts \\ nil, max_results \\ nil, next_token \\ nil, security_profile_name \\ nil, start_time, thing_name \\ nil, options \\ [])

View Source

Lists the Device Defender security profile violations discovered during the given time period.

You can use filters to limit the results to those alerts issued for a particular security profile, behavior, or thing (device).

Link to this function

register_ca_certificate(client, input, options \\ [])

View Source

Registers a CA certificate with AWS IoT.

This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.

Link to this function

register_certificate(client, input, options \\ [])

View Source

Registers a device certificate with AWS IoT.

If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.

Link to this function

register_certificate_without_ca(client, input, options \\ [])

View Source

Register a certificate that does not have a certificate authority (CA).

Link to this function

register_thing(client, input, options \\ [])

View Source

Provisions a thing in the device registry.

RegisterThing calls other AWS IoT control plane APIs. These calls might exceed your account level AWS IoT Throttling Limits and cause throttle errors. Please contact AWS Customer Support to raise your throttling limits if necessary.

Link to this function

reject_certificate_transfer(client, certificate_id, input, options \\ [])

View Source

Rejects a pending certificate transfer.

After AWS IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE.

To check for pending certificate transfers, call ListCertificates to enumerate your certificates.

This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state.

Link to this function

remove_thing_from_billing_group(client, input, options \\ [])

View Source

Removes the given thing from the billing group.

Link to this function

remove_thing_from_thing_group(client, input, options \\ [])

View Source

Remove the specified thing from the specified group.

You must specify either a thingGroupArn or a thingGroupName to identify the thing group and either a thingArn or a thingName to identify the thing to remove from the thing group.

Link to this function

replace_topic_rule(client, rule_name, input, options \\ [])

View Source

Replaces the rule.

You must specify all parameters for the new rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.

Link to this function

search_index(client, input, options \\ [])

View Source

The query search index.

Link to this function

set_default_authorizer(client, input, options \\ [])

View Source

Sets the default authorizer.

This will be used if a websocket connection is made without specifying an authorizer.

Link to this function

set_default_policy_version(client, policy_name, policy_version_id, input, options \\ [])

View Source

Sets the specified version of the specified policy as the policy's default (operative) version.

This action affects all certificates to which the policy is attached. To list the principals the policy is attached to, use the ListPrincipalPolicy API.

Link to this function

set_logging_options(client, input, options \\ [])

View Source

Sets the logging options.

NOTE: use of this command is not recommended. Use SetV2LoggingOptions instead.

Link to this function

set_v2_logging_level(client, input, options \\ [])

View Source

Sets the logging level.

Link to this function

set_v2_logging_options(client, input, options \\ [])

View Source

Sets the logging options for the V2 logging service.

Link to this function

start_audit_mitigation_actions_task(client, task_id, input, options \\ [])

View Source

Starts a task that applies a set of mitigation actions to the specified target.

Link to this function

start_detect_mitigation_actions_task(client, task_id, input, options \\ [])

View Source

Starts a Device Defender ML Detect mitigation actions task.

Link to this function

start_on_demand_audit_task(client, input, options \\ [])

View Source

Starts an on-demand Device Defender audit.

Link to this function

start_thing_registration_task(client, input, options \\ [])

View Source

Creates a bulk thing provisioning task.

Link to this function

stop_thing_registration_task(client, task_id, input, options \\ [])

View Source

Cancels a bulk thing provisioning task.

Link to this function

tag_resource(client, input, options \\ [])

View Source

Adds to or modifies the tags of the given resource.

Tags are metadata which can be used to manage a resource.

Link to this function

test_authorization(client, input, options \\ [])

View Source

Tests if a specified principal is authorized to perform an AWS IoT action on a specified resource.

Use this to test and debug the authorization behavior of devices that connect to the AWS IoT device gateway.

Link to this function

test_invoke_authorizer(client, authorizer_name, input, options \\ [])

View Source

Tests a custom authorization behavior by invoking a specified custom authorizer.

Use this to test and debug the custom authorization behavior of devices that connect to the AWS IoT device gateway.

Link to this function

transfer_certificate(client, certificate_id, input, options \\ [])

View Source

Transfers the specified certificate to the specified AWS account.

You can cancel the transfer until it is acknowledged by the recipient.

No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target.

The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate API to deactivate it.

The certificate must not have any policies attached to it. You can use the DetachPrincipalPolicy API to detach them.

Link to this function

untag_resource(client, input, options \\ [])

View Source

Removes the given tags (metadata) from the resource.

Link to this function

update_account_audit_configuration(client, input, options \\ [])

View Source

Configures or reconfigures the Device Defender audit settings for this account.

Settings include how audit notifications are sent and which audit checks are enabled or disabled.

Link to this function

update_audit_suppression(client, input, options \\ [])

View Source

Updates a Device Defender audit suppression.

Link to this function

update_authorizer(client, authorizer_name, input, options \\ [])

View Source

Updates an authorizer.

Link to this function

update_billing_group(client, billing_group_name, input, options \\ [])

View Source

Updates information about the billing group.

Link to this function

update_ca_certificate(client, certificate_id, input, options \\ [])

View Source

Updates a registered CA certificate.

Link to this function

update_certificate(client, certificate_id, input, options \\ [])

View Source

Updates the status of the specified certificate.

This operation is idempotent.

Certificates must be in the ACTIVE state to authenticate devices that use a certificate to connect to AWS IoT.

Within a few minutes of updating a certificate from the ACTIVE state to any other state, AWS IoT disconnects all devices that used that certificate to connect. Devices cannot use a certificate that is not in the ACTIVE state to reconnect.

Link to this function

update_custom_metric(client, metric_name, input, options \\ [])

View Source

Updates a Device Defender detect custom metric.

Link to this function

update_dimension(client, name, input, options \\ [])

View Source

Updates the definition for a dimension.

You cannot change the type of a dimension after it is created (you can delete it and recreate it).

Link to this function

update_domain_configuration(client, domain_configuration_name, input, options \\ [])

View Source

Updates values stored in the domain configuration.

Domain configurations for default endpoints can't be updated.

Link to this function

update_dynamic_thing_group(client, thing_group_name, input, options \\ [])

View Source

Updates a dynamic thing group.

Link to this function

update_event_configurations(client, input, options \\ [])

View Source

Updates the event configurations.

Link to this function

update_indexing_configuration(client, input, options \\ [])

View Source

Updates the search configuration.

Link to this function

update_job(client, job_id, input, options \\ [])

View Source

Updates supported fields of the specified job.

Link to this function

update_mitigation_action(client, action_name, input, options \\ [])

View Source

Updates the definition for the specified mitigation action.

Link to this function

update_provisioning_template(client, template_name, input, options \\ [])

View Source

Updates a fleet provisioning template.

Link to this function

update_role_alias(client, role_alias, input, options \\ [])

View Source

Updates a role alias.

Link to this function

update_scheduled_audit(client, scheduled_audit_name, input, options \\ [])

View Source

Updates a scheduled audit, including which checks are performed and how often the audit takes place.

Link to this function

update_security_profile(client, security_profile_name, input, options \\ [])

View Source

Updates a Device Defender security profile.

Link to this function

update_stream(client, stream_id, input, options \\ [])

View Source

Updates an existing stream.

The stream version will be incremented by one.

Link to this function

update_thing(client, thing_name, input, options \\ [])

View Source

Updates the data for a thing.

Link to this function

update_thing_group(client, thing_group_name, input, options \\ [])

View Source

Update a thing group.

Link to this function

update_thing_groups_for_thing(client, input, options \\ [])

View Source

Updates the groups to which the thing belongs.

Link to this function

update_topic_rule_destination(client, input, options \\ [])

View Source

Updates a topic rule destination.

You use this to change the status, endpoint URL, or confirmation URL of the destination.

Link to this function

validate_security_profile_behaviors(client, input, options \\ [])

View Source

Validates a Device Defender security profile behaviors specification.