aws_iot

AWS IoT

AWS IoT provides secure, bi-directional communication between Internet-connected devices (such as sensors, actuators, embedded devices, or smart appliances) and the AWS cloud. You can discover your custom IoT-Data endpoint to communicate with, configure rules for data processing and integration with other services, organize resources associated with each device (Registry), configure logging, and create and manage policies and credentials to authenticate devices.

The service endpoints that expose this API are listed in AWS IoT Core Endpoints and Quotas. You must use the endpoint for the region that has the resources you want to access.

The service name used by AWS Signature Version 4 to sign the request is: execute-api.

For more information about how AWS IoT works, see the Developer Guide.

Summary

Functions

• accept_certificate_transfer(Client, CertificateId, Input)
  Accepts a pending certificate transfer.
• accept_certificate_transfer(Client, CertificateId, Input0, Options)
• add_thing_to_billing_group(Client, Input)
  Adds a thing to a billing group.
• add_thing_to_billing_group(Client, Input0, Options)
• add_thing_to_thing_group(Client, Input)
  Adds a thing to a thing group.
• add_thing_to_thing_group(Client, Input0, Options)
• associate_targets_with_job(Client, JobId, Input)
  Associates a group with a continuous job.
• associate_targets_with_job(Client, JobId, Input0, Options)
• attach_policy(Client, PolicyName, Input)
  Attaches a policy to the specified target.
• attach_policy(Client, PolicyName, Input0, Options)
• attach_principal_policy(Client, PolicyName, Input)
  Attaches the specified policy to the specified principal (certificate or other credential).
• attach_principal_policy(Client, PolicyName, Input0, Options)
• attach_security_profile(Client, SecurityProfileName, Input)
  Associates a Device Defender security profile with a thing group or this account.
• attach_security_profile(Client, SecurityProfileName, Input0, Options)
• attach_thing_principal(Client, ThingName, Input)
  Attaches the specified principal to the specified thing.
• attach_thing_principal(Client, ThingName, Input0, Options)
• cancel_audit_mitigation_actions_task(Client, TaskId, Input)
  Cancels a mitigation action task that is in progress.
• cancel_audit_mitigation_actions_task(Client, TaskId, Input0, Options)
• cancel_audit_task(Client, TaskId, Input)
  Cancels an audit that is in progress.
• cancel_audit_task(Client, TaskId, Input0, Options)
• cancel_certificate_transfer(Client, CertificateId, Input)
  Cancels a pending transfer for the specified certificate.
• cancel_certificate_transfer(Client, CertificateId, Input0, Options)
• cancel_job(Client, JobId, Input)
  Cancels a job.
• cancel_job(Client, JobId, Input0, Options)
• cancel_job_execution(Client, JobId, ThingName, Input)
  Cancels the execution of a job for a given thing.
• cancel_job_execution(Client, JobId, ThingName, Input0, Options)
• clear_default_authorizer(Client, Input)
  Clears the default authorizer.
• clear_default_authorizer(Client, Input0, Options)
• confirm_topic_rule_destination(Client, ConfirmationToken)
  Confirms a topic rule destination.
• confirm_topic_rule_destination(Client, ConfirmationToken, Options)
• create_authorizer(Client, AuthorizerName, Input)
  Creates an authorizer.
• create_authorizer(Client, AuthorizerName, Input0, Options)
• create_billing_group(Client, BillingGroupName, Input)
  Creates a billing group.
• create_billing_group(Client, BillingGroupName, Input0, Options)
• create_certificate_from_csr(Client, Input)
  Creates an X.509 certificate using the specified certificate signing request.
• create_certificate_from_csr(Client, Input0, Options)
• create_dimension(Client, Name, Input)
  Create a dimension that you can use to limit the scope of a metric used in a security profile for AWS IoT Device Defender.
• create_dimension(Client, Name, Input0, Options)
• create_domain_configuration(Client, DomainConfigurationName, Input)
  Creates a domain configuration.
• create_domain_configuration(Client, DomainConfigurationName, Input0, Options)
• create_dynamic_thing_group(Client, ThingGroupName, Input)
  Creates a dynamic thing group.
• create_dynamic_thing_group(Client, ThingGroupName, Input0, Options)
• create_job(Client, JobId, Input)
  Creates a job.
• create_job(Client, JobId, Input0, Options)
• create_keys_and_certificate(Client, Input)
  Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.
• create_keys_and_certificate(Client, Input0, Options)
• create_mitigation_action(Client, ActionName, Input)
  Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask.
• create_mitigation_action(Client, ActionName, Input0, Options)
• create_o_t_a_update(Client, OtaUpdateId, Input)
  Creates an AWS IoT OTAUpdate on a target group of things or groups.
• create_o_t_a_update(Client, OtaUpdateId, Input0, Options)
• create_policy(Client, PolicyName, Input)
  Creates an AWS IoT policy.
• create_policy(Client, PolicyName, Input0, Options)
• create_policy_version(Client, PolicyName, Input)
  Creates a new version of the specified AWS IoT policy.
• create_policy_version(Client, PolicyName, Input0, Options)
• create_provisioning_claim(Client, TemplateName, Input)
  Creates a provisioning claim.
• create_provisioning_claim(Client, TemplateName, Input0, Options)
• create_provisioning_template(Client, Input)
  Creates a fleet provisioning template.
• create_provisioning_template(Client, Input0, Options)
• create_provisioning_template_version(Client, TemplateName, Input)
  Creates a new version of a fleet provisioning template.
• create_provisioning_template_version(Client, TemplateName, Input0, Options)
• create_role_alias(Client, RoleAlias, Input)
  Creates a role alias.
• create_role_alias(Client, RoleAlias, Input0, Options)
• create_scheduled_audit(Client, ScheduledAuditName, Input)
  Creates a scheduled audit that is run at a specified time interval.
• create_scheduled_audit(Client, ScheduledAuditName, Input0, Options)
• create_security_profile(Client, SecurityProfileName, Input)
  Creates a Device Defender security profile.
• create_security_profile(Client, SecurityProfileName, Input0, Options)
• create_stream(Client, StreamId, Input)
  Creates a stream for delivering one or more large files in chunks over MQTT.
• create_stream(Client, StreamId, Input0, Options)
• create_thing(Client, ThingName, Input)
  Creates a thing record in the registry.
• create_thing(Client, ThingName, Input0, Options)
• create_thing_group(Client, ThingGroupName, Input)
  Create a thing group.
• create_thing_group(Client, ThingGroupName, Input0, Options)
• create_thing_type(Client, ThingTypeName, Input)
  Creates a new thing type.
• create_thing_type(Client, ThingTypeName, Input0, Options)
• create_topic_rule(Client, RuleName, Input)
  Creates a rule.
• create_topic_rule(Client, RuleName, Input0, Options)
• create_topic_rule_destination(Client, Input)
  Creates a topic rule destination.
• create_topic_rule_destination(Client, Input0, Options)
• delete_account_audit_configuration(Client, Input)
  Restores the default settings for Device Defender audits for this account.
• delete_account_audit_configuration(Client, Input0, Options)
• delete_authorizer(Client, AuthorizerName, Input)
  Deletes an authorizer.
• delete_authorizer(Client, AuthorizerName, Input0, Options)
• delete_billing_group(Client, BillingGroupName, Input)
  Deletes the billing group.
• delete_billing_group(Client, BillingGroupName, Input0, Options)
• delete_c_a_certificate(Client, CertificateId, Input)
  Deletes a registered CA certificate.
• delete_c_a_certificate(Client, CertificateId, Input0, Options)
• delete_certificate(Client, CertificateId, Input)
  Deletes the specified certificate.
• delete_certificate(Client, CertificateId, Input0, Options)
• delete_dimension(Client, Name, Input)
  Removes the specified dimension from your AWS account.
• delete_dimension(Client, Name, Input0, Options)
• delete_domain_configuration(Client, DomainConfigurationName, Input)
  Deletes the specified domain configuration.
• delete_domain_configuration(Client, DomainConfigurationName, Input0, Options)
• delete_dynamic_thing_group(Client, ThingGroupName, Input)
  Deletes a dynamic thing group.
• delete_dynamic_thing_group(Client, ThingGroupName, Input0, Options)
• delete_job(Client, JobId, Input)
  Deletes a job and its related job executions.
• delete_job(Client, JobId, Input0, Options)
• delete_job_execution(Client, ExecutionNumber, JobId, ThingName, Input)
  Deletes a job execution.
• delete_job_execution(Client, ExecutionNumber, JobId, ThingName, Input0, Options)
• delete_mitigation_action(Client, ActionName, Input)
  Deletes a defined mitigation action from your AWS account.
• delete_mitigation_action(Client, ActionName, Input0, Options)
• delete_o_t_a_update(Client, OtaUpdateId, Input)
  Delete an OTA update.
• delete_o_t_a_update(Client, OtaUpdateId, Input0, Options)
• delete_policy(Client, PolicyName, Input)
  Deletes the specified policy.
• delete_policy(Client, PolicyName, Input0, Options)
• delete_policy_version(Client, PolicyName, PolicyVersionId, Input)
  Deletes the specified version of the specified policy.
• delete_policy_version(Client, PolicyName, PolicyVersionId, Input0, Options)
• delete_provisioning_template(Client, TemplateName, Input)
  Deletes a fleet provisioning template.
• delete_provisioning_template(Client, TemplateName, Input0, Options)
• delete_provisioning_template_version(Client, TemplateName, VersionId, Input)
  Deletes a fleet provisioning template version.
• delete_provisioning_template_version(Client, TemplateName, VersionId, Input0, Options)
• delete_registration_code(Client, Input)
  Deletes a CA certificate registration code.
• delete_registration_code(Client, Input0, Options)
• delete_role_alias(Client, RoleAlias, Input)
  Deletes a role alias.
• delete_role_alias(Client, RoleAlias, Input0, Options)
• delete_scheduled_audit(Client, ScheduledAuditName, Input)
  Deletes a scheduled audit.
• delete_scheduled_audit(Client, ScheduledAuditName, Input0, Options)
• delete_security_profile(Client, SecurityProfileName, Input)
  Deletes a Device Defender security profile.
• delete_security_profile(Client, SecurityProfileName, Input0, Options)
• delete_stream(Client, StreamId, Input)
  Deletes a stream.
• delete_stream(Client, StreamId, Input0, Options)
• delete_thing(Client, ThingName, Input)
  Deletes the specified thing.
• delete_thing(Client, ThingName, Input0, Options)
• delete_thing_group(Client, ThingGroupName, Input)
  Deletes a thing group.
• delete_thing_group(Client, ThingGroupName, Input0, Options)
• delete_thing_type(Client, ThingTypeName, Input)
  Deletes the specified thing type.
• delete_thing_type(Client, ThingTypeName, Input0, Options)
• delete_topic_rule(Client, RuleName, Input)
  Deletes the rule.
• delete_topic_rule(Client, RuleName, Input0, Options)
• delete_topic_rule_destination(Client, Arn, Input)
  Deletes a topic rule destination.
• delete_topic_rule_destination(Client, Arn, Input0, Options)
• delete_v2_logging_level(Client, Input)
  Deletes a logging level.
• delete_v2_logging_level(Client, Input0, Options)
• deprecate_thing_type(Client, ThingTypeName, Input)
  Deprecates a thing type.
• deprecate_thing_type(Client, ThingTypeName, Input0, Options)
• describe_account_audit_configuration(Client)
  Gets information about the Device Defender audit settings for this account.
• describe_account_audit_configuration(Client, Options)
• describe_audit_finding(Client, FindingId)
  Gets information about a single audit finding.
• describe_audit_finding(Client, FindingId, Options)
• describe_audit_mitigation_actions_task(Client, TaskId)
  Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings.
• describe_audit_mitigation_actions_task(Client, TaskId, Options)
• describe_audit_task(Client, TaskId)
  Gets information about a Device Defender audit.
• describe_audit_task(Client, TaskId, Options)
• describe_authorizer(Client, AuthorizerName)
  Describes an authorizer.
• describe_authorizer(Client, AuthorizerName, Options)
• describe_billing_group(Client, BillingGroupName)
  Returns information about a billing group.
• describe_billing_group(Client, BillingGroupName, Options)
• describe_c_a_certificate(Client, CertificateId)
  Describes a registered CA certificate.
• describe_c_a_certificate(Client, CertificateId, Options)
• describe_certificate(Client, CertificateId)
  Gets information about the specified certificate.
• describe_certificate(Client, CertificateId, Options)
• describe_default_authorizer(Client)
  Describes the default authorizer.
• describe_default_authorizer(Client, Options)
• describe_dimension(Client, Name)
  Provides details about a dimension that is defined in your AWS account.
• describe_dimension(Client, Name, Options)
• describe_domain_configuration(Client, DomainConfigurationName)
  Gets summary information about a domain configuration.
• describe_domain_configuration(Client, DomainConfigurationName, Options)
• describe_endpoint(Client)
  Returns a unique endpoint specific to the AWS account making the call.
• describe_endpoint(Client, Options)
• describe_event_configurations(Client)
  Describes event configurations.
• describe_event_configurations(Client, Options)
• describe_index(Client, IndexName)
  Describes a search index.
• describe_index(Client, IndexName, Options)
• describe_job(Client, JobId)
  Describes a job.
• describe_job(Client, JobId, Options)
• describe_job_execution(Client, JobId, ThingName)
  Describes a job execution.
• describe_job_execution(Client, JobId, ThingName, Options)
• describe_mitigation_action(Client, ActionName)
  Gets information about a mitigation action.
• describe_mitigation_action(Client, ActionName, Options)
• describe_provisioning_template(Client, TemplateName)
  Returns information about a fleet provisioning template.
• describe_provisioning_template(Client, TemplateName, Options)
• describe_provisioning_template_version(Client, TemplateName, VersionId)
  Returns information about a fleet provisioning template version.
• describe_provisioning_template_version(Client, TemplateName, VersionId, Options)
• describe_role_alias(Client, RoleAlias)
  Describes a role alias.
• describe_role_alias(Client, RoleAlias, Options)
• describe_scheduled_audit(Client, ScheduledAuditName)
  Gets information about a scheduled audit.
• describe_scheduled_audit(Client, ScheduledAuditName, Options)
• describe_security_profile(Client, SecurityProfileName)
  Gets information about a Device Defender security profile.
• describe_security_profile(Client, SecurityProfileName, Options)
• describe_stream(Client, StreamId)
  Gets information about a stream.
• describe_stream(Client, StreamId, Options)
• describe_thing(Client, ThingName)
  Gets information about the specified thing.
• describe_thing(Client, ThingName, Options)
• describe_thing_group(Client, ThingGroupName)
  Describe a thing group.
• describe_thing_group(Client, ThingGroupName, Options)
• describe_thing_registration_task(Client, TaskId)
  Describes a bulk thing provisioning task.
• describe_thing_registration_task(Client, TaskId, Options)
• describe_thing_type(Client, ThingTypeName)
  Gets information about the specified thing type.
• describe_thing_type(Client, ThingTypeName, Options)
• detach_policy(Client, PolicyName, Input)
  Detaches a policy from the specified target.
• detach_policy(Client, PolicyName, Input0, Options)
• detach_principal_policy(Client, PolicyName, Input)
  Removes the specified policy from the specified certificate.
• detach_principal_policy(Client, PolicyName, Input0, Options)
• detach_security_profile(Client, SecurityProfileName, Input)
  Disassociates a Device Defender security profile from a thing group or from this account.
• detach_security_profile(Client, SecurityProfileName, Input0, Options)
• detach_thing_principal(Client, ThingName, Input)
  Detaches the specified principal from the specified thing.
• detach_thing_principal(Client, ThingName, Input0, Options)
• disable_topic_rule(Client, RuleName, Input)
  Disables the rule.
• disable_topic_rule(Client, RuleName, Input0, Options)
• enable_topic_rule(Client, RuleName, Input)
  Enables the rule.
• enable_topic_rule(Client, RuleName, Input0, Options)
• get_cardinality(Client, Input)
  Returns the approximate count of unique values that match the query.
• get_cardinality(Client, Input0, Options)
• get_effective_policies(Client, Input)
  Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.
• get_effective_policies(Client, Input0, Options)
• get_indexing_configuration(Client)
  Gets the indexing configuration.
• get_indexing_configuration(Client, Options)
• get_job_document(Client, JobId)
  Gets a job document.
• get_job_document(Client, JobId, Options)
• get_logging_options(Client)
  Gets the logging options.
• get_logging_options(Client, Options)
• get_o_t_a_update(Client, OtaUpdateId)
  Gets an OTA update.
• get_o_t_a_update(Client, OtaUpdateId, Options)
• get_percentiles(Client, Input)
  Groups the aggregated values that match the query into percentile groupings.
• get_percentiles(Client, Input0, Options)
• get_policy(Client, PolicyName)
  Gets information about the specified policy with the policy document of the default version.
• get_policy(Client, PolicyName, Options)
• get_policy_version(Client, PolicyName, PolicyVersionId)
  Gets information about the specified policy version.
• get_policy_version(Client, PolicyName, PolicyVersionId, Options)
• get_registration_code(Client)
  Gets a registration code used to register a CA certificate with AWS IoT.
• get_registration_code(Client, Options)
• get_statistics(Client, Input)
  Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field.
• get_statistics(Client, Input0, Options)
• get_topic_rule(Client, RuleName)
  Gets information about the rule.
• get_topic_rule(Client, RuleName, Options)
• get_topic_rule_destination(Client, Arn)
  Gets information about a topic rule destination.
• get_topic_rule_destination(Client, Arn, Options)
• get_v2_logging_options(Client)
  Gets the fine grained logging options.
• get_v2_logging_options(Client, Options)
• list_active_violations(Client)
  Lists the active violations for a given Device Defender security profile.
• list_active_violations(Client, Options)
• list_attached_policies(Client, Target, Input)
  Lists the policies attached to the specified thing group.
• list_attached_policies(Client, Target, Input0, Options)
• list_audit_findings(Client, Input)
  Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period.
• list_audit_findings(Client, Input0, Options)
• list_audit_mitigation_actions_executions(Client)
  Gets the status of audit mitigation action tasks that were executed.
• list_audit_mitigation_actions_executions(Client, Options)
• list_audit_mitigation_actions_tasks(Client)
  Gets a list of audit mitigation action tasks that match the specified filters.
• list_audit_mitigation_actions_tasks(Client, Options)
• list_audit_tasks(Client)
  Lists the Device Defender audits that have been performed during a given time period.
• list_audit_tasks(Client, Options)
• list_authorizers(Client)
  Lists the authorizers registered in your account.
• list_authorizers(Client, Options)
• list_billing_groups(Client)
  Lists the billing groups you have created.
• list_billing_groups(Client, Options)
• list_c_a_certificates(Client)
  Lists the CA certificates registered for your AWS account.
• list_c_a_certificates(Client, Options)
• list_certificates(Client)
  Lists the certificates registered in your AWS account.
• list_certificates(Client, Options)
• list_certificates_by_c_a(Client, CaCertificateId)
  List the device certificates signed by the specified CA certificate.
• list_certificates_by_c_a(Client, CaCertificateId, Options)
• list_dimensions(Client)
  List the set of dimensions that are defined for your AWS account.
• list_dimensions(Client, Options)
• list_domain_configurations(Client)
  Gets a list of domain configurations for the user.
• list_domain_configurations(Client, Options)
• list_indices(Client)
  Lists the search indices.
• list_indices(Client, Options)
• list_job_executions_for_job(Client, JobId)
  Lists the job executions for a job.
• list_job_executions_for_job(Client, JobId, Options)
• list_job_executions_for_thing(Client, ThingName)
  Lists the job executions for the specified thing.
• list_job_executions_for_thing(Client, ThingName, Options)
• list_jobs(Client)
  Lists jobs.
• list_jobs(Client, Options)
• list_mitigation_actions(Client)
  Gets a list of all mitigation actions that match the specified filter criteria.
• list_mitigation_actions(Client, Options)
• list_o_t_a_updates(Client)
  Lists OTA updates.
• list_o_t_a_updates(Client, Options)
• list_outgoing_certificates(Client)
  Lists certificates that are being transferred but not yet accepted.
• list_outgoing_certificates(Client, Options)
• list_policies(Client)
  Lists your policies.
• list_policies(Client, Options)
• list_policy_principals(Client, PolicyName)
  Lists the principals associated with the specified policy.
• list_policy_principals(Client, PolicyName, Options)
• list_policy_versions(Client, PolicyName)
  Lists the versions of the specified policy and identifies the default version.
• list_policy_versions(Client, PolicyName, Options)
• list_principal_policies(Client, Principal)
  Lists the policies attached to the specified principal.
• list_principal_policies(Client, Principal, Options)
• list_principal_things(Client, Principal)
  Lists the things associated with the specified principal.
• list_principal_things(Client, Principal, Options)
• list_provisioning_template_versions(Client, TemplateName)
  A list of fleet provisioning template versions.
• list_provisioning_template_versions(Client, TemplateName, Options)
• list_provisioning_templates(Client)
  Lists the fleet provisioning templates in your AWS account.
• list_provisioning_templates(Client, Options)
• list_role_aliases(Client)
  Lists the role aliases registered in your account.
• list_role_aliases(Client, Options)
• list_scheduled_audits(Client)
  Lists all of your scheduled audits.
• list_scheduled_audits(Client, Options)
• list_security_profiles(Client)
  Lists the Device Defender security profiles you have created.
• list_security_profiles(Client, Options)
• list_security_profiles_for_target(Client)
  Lists the Device Defender security profiles attached to a target (thing group).
• list_security_profiles_for_target(Client, Options)
• list_streams(Client)
  Lists all of the streams in your AWS account.
• list_streams(Client, Options)
• list_tags_for_resource(Client)
  Lists the tags (metadata) you have assigned to the resource.
• list_tags_for_resource(Client, Options)
• list_targets_for_policy(Client, PolicyName, Input)
  List targets for the specified policy.
• list_targets_for_policy(Client, PolicyName, Input0, Options)
• list_targets_for_security_profile(Client, SecurityProfileName)
  Lists the targets (thing groups) associated with a given Device Defender security profile.
• list_targets_for_security_profile(Client, SecurityProfileName, Options)
• list_thing_groups(Client)
  List the thing groups in your account.
• list_thing_groups(Client, Options)
• list_thing_groups_for_thing(Client, ThingName)
  List the thing groups to which the specified thing belongs.
• list_thing_groups_for_thing(Client, ThingName, Options)
• list_thing_principals(Client, ThingName)
  Lists the principals associated with the specified thing.
• list_thing_principals(Client, ThingName, Options)
• list_thing_registration_task_reports(Client, TaskId)
  Information about the thing registration tasks.
• list_thing_registration_task_reports(Client, TaskId, Options)
• list_thing_registration_tasks(Client)
  List bulk thing provisioning tasks.
• list_thing_registration_tasks(Client, Options)
• list_thing_types(Client)
  Lists the existing thing types.
• list_thing_types(Client, Options)
• list_things(Client)
  Lists your things.
• list_things(Client, Options)
• list_things_in_billing_group(Client, BillingGroupName)
  Lists the things you have added to the given billing group.
• list_things_in_billing_group(Client, BillingGroupName, Options)
• list_things_in_thing_group(Client, ThingGroupName)
  Lists the things in the specified group.
• list_things_in_thing_group(Client, ThingGroupName, Options)
• list_topic_rule_destinations(Client)
  Lists all the topic rule destinations in your AWS account.
• list_topic_rule_destinations(Client, Options)
• list_topic_rules(Client)
  Lists the rules for the specific topic.
• list_topic_rules(Client, Options)
• list_v2_logging_levels(Client)
  Lists logging levels.
• list_v2_logging_levels(Client, Options)
• list_violation_events(Client)
  Lists the Device Defender security profile violations discovered during the given time period.
• list_violation_events(Client, Options)
• register_c_a_certificate(Client, Input)
  Registers a CA certificate with AWS IoT.
• register_c_a_certificate(Client, Input0, Options)
• register_certificate(Client, Input)
  Registers a device certificate with AWS IoT.
• register_certificate(Client, Input0, Options)
• register_certificate_without_c_a(Client, Input)
  Register a certificate that does not have a certificate authority (CA).
• register_certificate_without_c_a(Client, Input0, Options)
• register_thing(Client, Input)
  Provisions a thing in the device registry.
• register_thing(Client, Input0, Options)
• reject_certificate_transfer(Client, CertificateId, Input)
  Rejects a pending certificate transfer.
• reject_certificate_transfer(Client, CertificateId, Input0, Options)
• remove_thing_from_billing_group(Client, Input)
  Removes the given thing from the billing group.
• remove_thing_from_billing_group(Client, Input0, Options)
• remove_thing_from_thing_group(Client, Input)
  Remove the specified thing from the specified group.
• remove_thing_from_thing_group(Client, Input0, Options)
• replace_topic_rule(Client, RuleName, Input)
  Replaces the rule.
• replace_topic_rule(Client, RuleName, Input0, Options)
• search_index(Client, Input)
  The query search index.
• search_index(Client, Input0, Options)
• set_default_authorizer(Client, Input)
  Sets the default authorizer.
• set_default_authorizer(Client, Input0, Options)
• set_default_policy_version(Client, PolicyName, PolicyVersionId, Input)
  Sets the specified version of the specified policy as the policy's default (operative) version.
• set_default_policy_version(Client, PolicyName, PolicyVersionId, Input0, Options)
• set_logging_options(Client, Input)
  Sets the logging options.
• set_logging_options(Client, Input0, Options)
• set_v2_logging_level(Client, Input)
  Sets the logging level.
• set_v2_logging_level(Client, Input0, Options)
• set_v2_logging_options(Client, Input)
  Sets the logging options for the V2 logging service.
• set_v2_logging_options(Client, Input0, Options)
• start_audit_mitigation_actions_task(Client, TaskId, Input)
  Starts a task that applies a set of mitigation actions to the specified target.
• start_audit_mitigation_actions_task(Client, TaskId, Input0, Options)
• start_on_demand_audit_task(Client, Input)
  Starts an on-demand Device Defender audit.
• start_on_demand_audit_task(Client, Input0, Options)
• start_thing_registration_task(Client, Input)
  Creates a bulk thing provisioning task.
• start_thing_registration_task(Client, Input0, Options)
• stop_thing_registration_task(Client, TaskId, Input)
  Cancels a bulk thing provisioning task.
• stop_thing_registration_task(Client, TaskId, Input0, Options)
• tag_resource(Client, Input)
  Adds to or modifies the tags of the given resource.
• tag_resource(Client, Input0, Options)
• test_authorization(Client, Input)
  Tests if a specified principal is authorized to perform an AWS IoT action on a specified resource.
• test_authorization(Client, Input0, Options)
• test_invoke_authorizer(Client, AuthorizerName, Input)
  Tests a custom authorization behavior by invoking a specified custom authorizer.
• test_invoke_authorizer(Client, AuthorizerName, Input0, Options)
• transfer_certificate(Client, CertificateId, Input)
  Transfers the specified certificate to the specified AWS account.
• transfer_certificate(Client, CertificateId, Input0, Options)
• untag_resource(Client, Input)
  Removes the given tags (metadata) from the resource.
• untag_resource(Client, Input0, Options)
• update_account_audit_configuration(Client, Input)
  Configures or reconfigures the Device Defender audit settings for this account.
• update_account_audit_configuration(Client, Input0, Options)
• update_authorizer(Client, AuthorizerName, Input)
  Updates an authorizer.
• update_authorizer(Client, AuthorizerName, Input0, Options)
• update_billing_group(Client, BillingGroupName, Input)
  Updates information about the billing group.
• update_billing_group(Client, BillingGroupName, Input0, Options)
• update_c_a_certificate(Client, CertificateId, Input)
  Updates a registered CA certificate.
• update_c_a_certificate(Client, CertificateId, Input0, Options)
• update_certificate(Client, CertificateId, Input)
  Updates the status of the specified certificate.
• update_certificate(Client, CertificateId, Input0, Options)
• update_dimension(Client, Name, Input)
  Updates the definition for a dimension.
• update_dimension(Client, Name, Input0, Options)
• update_domain_configuration(Client, DomainConfigurationName, Input)
  Updates values stored in the domain configuration.
• update_domain_configuration(Client, DomainConfigurationName, Input0, Options)
• update_dynamic_thing_group(Client, ThingGroupName, Input)
  Updates a dynamic thing group.
• update_dynamic_thing_group(Client, ThingGroupName, Input0, Options)
• update_event_configurations(Client, Input)
  Updates the event configurations.
• update_event_configurations(Client, Input0, Options)
• update_indexing_configuration(Client, Input)
  Updates the search configuration.
• update_indexing_configuration(Client, Input0, Options)
• update_job(Client, JobId, Input)
  Updates supported fields of the specified job.
• update_job(Client, JobId, Input0, Options)
• update_mitigation_action(Client, ActionName, Input)
  Updates the definition for the specified mitigation action.
• update_mitigation_action(Client, ActionName, Input0, Options)
• update_provisioning_template(Client, TemplateName, Input)
  Updates a fleet provisioning template.
• update_provisioning_template(Client, TemplateName, Input0, Options)
• update_role_alias(Client, RoleAlias, Input)
  Updates a role alias.
• update_role_alias(Client, RoleAlias, Input0, Options)
• update_scheduled_audit(Client, ScheduledAuditName, Input)
  Updates a scheduled audit, including which checks are performed and how often the audit takes place.
• update_scheduled_audit(Client, ScheduledAuditName, Input0, Options)
• update_security_profile(Client, SecurityProfileName, Input)
  Updates a Device Defender security profile.
• update_security_profile(Client, SecurityProfileName, Input0, Options)
• update_stream(Client, StreamId, Input)
  Updates an existing stream.
• update_stream(Client, StreamId, Input0, Options)
• update_thing(Client, ThingName, Input)
  Updates the data for a thing.
• update_thing(Client, ThingName, Input0, Options)
• update_thing_group(Client, ThingGroupName, Input)
  Update a thing group.
• update_thing_group(Client, ThingGroupName, Input0, Options)
• update_thing_groups_for_thing(Client, Input)
  Updates the groups to which the thing belongs.
• update_thing_groups_for_thing(Client, Input0, Options)
• update_topic_rule_destination(Client, Input)
  Updates a topic rule destination.
• update_topic_rule_destination(Client, Input0, Options)
• validate_security_profile_behaviors(Client, Input)
  Validates a Device Defender security profile behaviors specification.
• validate_security_profile_behaviors(Client, Input0, Options)

Functions

Accepts a pending certificate transfer. The default state of the certificate is INACTIVE.

Adds a thing to a billing group.

Adds a thing to a thing group.

Associates a group with a continuous job. The following criteria must be met:

• The job must have been created with the targetSelection field set to "CONTINUOUS".

• The job status must currently be "IN_PROGRESS".

• The total number of targets associated with a job must not exceed 100.

Attaches a policy to the specified target.

Attaches the specified policy to the specified principal (certificate or other credential).

Associates a Device Defender security profile with a thing group or this account. Each thing group or account can have up to five security profiles associated with it.

Attaches the specified principal to the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Cancels a mitigation action task that is in progress. If the task is not in progress, an InvalidRequestException occurs.

Cancels an audit that is in progress. The audit can be either scheduled or on-demand. If the audit is not in progress, an "InvalidRequestException" occurs.

Cancels a pending transfer for the specified certificate.

Note Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer instead.) After transfer, AWS IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled.

Cancels a job.

Cancels the execution of a job for a given thing.

Clears the default authorizer.

Confirms a topic rule destination. When you create a rule requiring a destination, AWS IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination to confirm that you own or have access to the endpoint.

Creates an authorizer.

Creates a billing group.

Creates an X.509 certificate using the specified certificate signing request.

Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.

Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.

You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.

Assuming a set of CSRs are located inside of the directory my-csr-directory:

On Linux and OS X, the command is:

$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.

The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:

$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:

> ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}

On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:

Create a dimension that you can use to limit the scope of a metric used in a security profile for AWS IoT Device Defender. For example, using a TOPIC_FILTER dimension, you can narrow down the scope of the metric only to MQTT topics whose name match the pattern specified in the dimension.

Creates a domain configuration.

Creates a dynamic thing group.

Creates a job.

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask. Each mitigation action can apply only one type of change.

Creates an AWS IoT OTAUpdate on a target group of things or groups.

Creates an AWS IoT policy.

Creates a new version of the specified AWS IoT policy. To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion to delete an existing version before you create a new one.

Creates a provisioning claim.

Creates a fleet provisioning template.

Creates a new version of a fleet provisioning template.

Creates a role alias.

Creates a scheduled audit that is run at a specified time interval.

Creates a Device Defender security profile.

Creates a stream for delivering one or more large files in chunks over MQTT. A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream.

Creates a thing record in the registry. If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a ResourceAlreadyExistsException is thrown.

Create a thing group.

Creates a new thing type.

Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.

Creates a topic rule destination. The destination must be confirmed prior to use.

Restores the default settings for Device Defender audits for this account. Any configuration data you entered is deleted and all audit checks are reset to disabled.

Deletes an authorizer.

Deletes the billing group.

Deletes a registered CA certificate.

Deletes the specified certificate.

Removes the specified dimension from your AWS account.

Deletes the specified domain configuration.

Deletes a dynamic thing group.

Deletes a job and its related job executions.

Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error.

Deletes a job execution.

Deletes a defined mitigation action from your AWS account.

Delete an OTA update.

Deletes the specified policy.

A policy cannot be deleted if it has non-default versions or it is attached to any certificate.

To delete a policy, use the DeletePolicyVersion API to delete all non-default versions of the policy; use the DetachPrincipalPolicy API to detach the policy from any certificate; and then use the DeletePolicy API to delete the policy.

Deletes the specified version of the specified policy. You cannot delete the default version of a policy using this API. To delete the default version of a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

Deletes a fleet provisioning template.

Deletes a fleet provisioning template version.

Deletes a CA certificate registration code.

Deletes a role alias

Deletes a scheduled audit.

Deletes a Device Defender security profile.

Deletes a stream.

Deletes the specified thing. Returns successfully with no error if the deletion is successful or you specify a thing that doesn't exist.

Deletes a thing group.

Deletes the specified thing type. You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType, then remove any associated things by calling UpdateThing to change the thing type on any associated thing, and finally use DeleteThingType to delete the thing type.

Deletes the rule.

Deletes a topic rule destination.

Deletes a logging level.

Deprecates a thing type. You can not associate new things with deprecated thing type.

Gets information about the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.

Gets information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and when the audit that returned the finding was started.

Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings. Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics.

Gets information about a Device Defender audit.

Describes an authorizer.

Returns information about a billing group.

Describes a registered CA certificate.

Gets information about the specified certificate.

Describes the default authorizer.

Provides details about a dimension that is defined in your AWS account.

Gets summary information about a domain configuration.

Returns a unique endpoint specific to the AWS account making the call.

Describes event configurations.

Describes a search index.

Describes a job.

Describes a job execution.

Gets information about a mitigation action.

Returns information about a fleet provisioning template.

Returns information about a fleet provisioning template version.

Describes a role alias.

Gets information about a scheduled audit.

Gets information about a Device Defender security profile.

Gets information about a stream.

Gets information about the specified thing.

Describe a thing group.

Describes a bulk thing provisioning task.

Gets information about the specified thing type.

Detaches a policy from the specified target.

Removes the specified policy from the specified certificate.

Disassociates a Device Defender security profile from a thing group or from this account.

Detaches the specified principal from the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Disables the rule.

Enables the rule.

Returns the approximate count of unique values that match the query.

Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.

Gets the indexing configuration.

Gets a job document.

Gets the logging options.

Gets an OTA update.

Groups the aggregated values that match the query into percentile groupings. The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group "1" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group "5" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values.

Gets information about the specified policy with the policy document of the default version.

Gets information about the specified policy version.

Gets a registration code used to register a CA certificate with AWS IoT.

Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field. If the aggregation field is of type String, only the count statistic is returned.

Gets information about the rule.

Gets information about a topic rule destination.

Gets the fine grained logging options.

Lists the active violations for a given Device Defender security profile.

Lists the policies attached to the specified thing group.

Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 180 days.)

Gets the status of audit mitigation action tasks that were executed.

Gets a list of audit mitigation action tasks that match the specified filters.

Lists the Device Defender audits that have been performed during a given time period.

Lists the authorizers registered in your account.

Lists the billing groups you have created.

Lists the CA certificates registered for your AWS account.

Lists the certificates registered in your AWS account.

List the device certificates signed by the specified CA certificate.

List the set of dimensions that are defined for your AWS account.

Gets a list of domain configurations for the user. This list is sorted alphabetically by domain configuration name.

Lists the search indices.

Lists the job executions for a job.

Lists the job executions for the specified thing.

Lists jobs.

Gets a list of all mitigation actions that match the specified filter criteria.

Lists OTA updates.

Lists certificates that are being transferred but not yet accepted.

Lists your policies.

Lists the principals associated with the specified policy.

Lists the versions of the specified policy and identifies the default version.

Lists the policies attached to the specified principal. If you use an Cognito identity, the ID must be in AmazonCognito Identity format.

Lists the things associated with the specified principal. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

A list of fleet provisioning template versions.

Lists the fleet provisioning templates in your AWS account.

Lists the role aliases registered in your account.

Lists all of your scheduled audits.

Lists the Device Defender security profiles you have created. You can use filters to list only those security profiles associated with a thing group or only those associated with your account.

Lists the Device Defender security profiles attached to a target (thing group).

Lists all of the streams in your AWS account.

Lists the tags (metadata) you have assigned to the resource.

List targets for the specified policy.

Lists the targets (thing groups) associated with a given Device Defender security profile.

List the thing groups in your account.

List the thing groups to which the specified thing belongs.

Lists the principals associated with the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.

Information about the thing registration tasks.

List bulk thing provisioning tasks.

Lists the existing thing types.

Lists your things. Use the attributeName and attributeValue parameters to filter your things. For example, calling ListThings with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute Color with the value Red.

Lists the things you have added to the given billing group.

Lists the things in the specified group.

Lists all the topic rule destinations in your AWS account.

Lists the rules for the specific topic.

Lists logging levels.

Lists the Device Defender security profile violations discovered during the given time period. You can use filters to limit the results to those alerts issued for a particular security profile, behavior, or thing (device).

Registers a CA certificate with AWS IoT. This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.

Registers a device certificate with AWS IoT. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.

Register a certificate that does not have a certificate authority (CA).

Provisions a thing in the device registry. RegisterThing calls other AWS IoT control plane APIs. These calls might exceed your account level AWS IoT Throttling Limits and cause throttle errors. Please contact AWS Customer Support to raise your throttling limits if necessary.

Rejects a pending certificate transfer. After AWS IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE.

To check for pending certificate transfers, call ListCertificates to enumerate your certificates.

Removes the given thing from the billing group.

Remove the specified thing from the specified group.

Replaces the rule. You must specify all parameters for the new rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.

The query search index.

Sets the default authorizer. This will be used if a websocket connection is made without specifying an authorizer.

Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all certificates to which the policy is attached. To list the principals the policy is attached to, use the ListPrincipalPolicy API.

Sets the logging options.

Sets the logging level.

Sets the logging options for the V2 logging service.

Starts a task that applies a set of mitigation actions to the specified target.

Starts an on-demand Device Defender audit.

Creates a bulk thing provisioning task.

Cancels a bulk thing provisioning task.

Adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource.

Tests if a specified principal is authorized to perform an AWS IoT action on a specified resource. Use this to test and debug the authorization behavior of devices that connect to the AWS IoT device gateway.

Tests a custom authorization behavior by invoking a specified custom authorizer. Use this to test and debug the custom authorization behavior of devices that connect to the AWS IoT device gateway.

Transfers the specified certificate to the specified AWS account.

You can cancel the transfer until it is acknowledged by the recipient.

No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target.

The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate API to deactivate it.

Removes the given tags (metadata) from the resource.

Configures or reconfigures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.

Updates an authorizer.

Updates information about the billing group.

Updates a registered CA certificate.

Updates the status of the specified certificate. This operation is idempotent.

Moving a certificate from the ACTIVE state (including REVOKED) will not disconnect currently connected devices, but these devices will be unable to reconnect.

Updates the definition for a dimension. You cannot change the type of a dimension after it is created (you can delete it and re-create it).

Updates values stored in the domain configuration. Domain configurations for default endpoints can't be updated.

Updates a dynamic thing group.

Updates the event configurations.

Updates the search configuration.

Updates supported fields of the specified job.

Updates the definition for the specified mitigation action.

Updates a fleet provisioning template.

Updates a role alias.

Updates a scheduled audit, including which checks are performed and how often the audit takes place.

Updates a Device Defender security profile.

Updates an existing stream. The stream version will be incremented by one.

Updates the data for a thing.

Update a thing group.

Updates the groups to which the thing belongs.

Updates a topic rule destination. You use this to change the status, endpoint URL, or confirmation URL of the destination.

Validates a Device Defender security profile behaviors specification.