View Source aws_iot (aws v1.0.4)
IoT
IoT provides secure, bi-directional communication between Internet-connected devices (such as sensors, actuators, embedded devices, or smart appliances) and the Amazon Web Services cloud.
You can discover your custom IoT-Data endpoint to communicate with, configure rules for data processing and integration with other services, organize resources associated with each device (Registry), configure logging, and create and manage policies and credentials to authenticate devices.
The service endpoints that expose this API are listed in Amazon Web Services IoT Core Endpoints and Quotas: https://docs.aws.amazon.com/general/latest/gr/iot-core.html. You must use the endpoint for the region that has the resources you want to access.
The service name used by Amazon Web Services Signature Version 4: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html to sign the request is: execute-api.
For more information about how IoT works, see the Developer Guide: https://docs.aws.amazon.com/iot/latest/developerguide/aws-iot-how-it-works.html.
For information about how to use the credentials provider for IoT, see Authorizing Direct Calls to Amazon Web Services Services: https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html.Summary
Functions
Accepts a pending certificate transfer.
Adds a thing to a billing group.
Adds a thing to a thing group.
Associates a group with a continuous job.
Attaches the specified policy to the specified principal (certificate or other credential).
Attaches the specified policy to the specified principal (certificate or other credential).
Associates a Device Defender security profile with a thing group or this account.
Attaches the specified principal to the specified thing.
Cancels a mitigation action task that is in progress.
Cancels an audit that is in progress.
Cancels a pending transfer for the specified certificate.
Cancels a Device Defender ML Detect mitigation action.
Cancels a job.
Cancels the execution of a job for a given thing.
Clears the default authorizer.
Confirms a topic rule destination.
Creates a Device Defender audit suppression.
Creates an authorizer.
Creates a billing group.
Creates an X.509 certificate using the specified certificate signing request.
Creates an Amazon Web Services IoT Core certificate provider.
Use this API to define a Custom Metric published by your devices to Device Defender.
Create a dimension that you can use to limit the scope of a metric used in a security profile for IoT Device Defender.
Creates a domain configuration.
Creates a dynamic thing group.
Creates a fleet metric.
Creates a job.
Creates a job template.
Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.
Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask.
Creates an IoT OTA update on a target group of things or groups.
Creates an IoT software package that can be deployed to your fleet.
Creates a new version for an existing IoT software package.
Creates an IoT policy.
Creates a new version of the specified IoT policy.
Creates a provisioning claim.
Creates a provisioning template.
Creates a new version of a provisioning template.
Creates a role alias.
Creates a scheduled audit that is run at a specified time interval.
Creates a Device Defender security profile.
Creates a stream for delivering one or more large files in chunks over MQTT.
Creates a thing record in the registry.
Create a thing group.
Creates a new thing type.
Creates a rule.
Creates a topic rule destination.
Restores the default settings for Device Defender audits for this account.
Deletes a Device Defender audit suppression.
Deletes an authorizer.
Deletes the billing group.
Deletes a registered CA certificate.
Deletes the specified certificate.
Deletes a certificate provider.
Deletes a Device Defender detect custom metric.
Removes the specified dimension from your Amazon Web Services accounts.
Deletes the specified domain configuration.
Deletes a dynamic thing group.
Deletes the specified fleet metric.
Deletes a job and its related job executions.
Deletes a job execution.
Deletes a defined mitigation action from your Amazon Web Services accounts.
Delete an OTA update.
Deletes a specific version from a software package.
Deletes a specific version from a software package.
Deletes the specified policy.
Deletes the specified version of the specified policy.
Deletes a provisioning template.
Deletes a provisioning template version.
Deletes a CA certificate registration code.
Deletes a role alias
Deletes a scheduled audit.
Deletes a Device Defender security profile.
Deletes a stream.
Deletes the specified thing.
Deletes a thing group.
Deletes the specified thing type.
Deletes the rule.
Deletes a topic rule destination.
Deletes a logging level.
Deprecates a thing type.
Gets information about the Device Defender audit settings for this account.
Gets information about a single audit finding.
Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings.
Gets information about a Device Defender audit.
Describes an authorizer.
Returns information about a billing group.
Describes a registered CA certificate.
Gets information about the specified certificate.
Describes a certificate provider.
Gets information about a Device Defender detect custom metric.
Describes the default authorizer.
Gets information about a Device Defender ML Detect mitigation action.
Provides details about a dimension that is defined in your Amazon Web Services accounts.
Gets summary information about a domain configuration.
Returns or creates a unique endpoint specific to the Amazon Web Services account making the call.
Describes event configurations.
Gets information about the specified fleet metric.
Describes a search index.
Describes a job.
Describes a job execution.
Gets information about a mitigation action.
Returns information about a provisioning template.
Returns information about a provisioning template version.
Describes a role alias.
Gets information about a scheduled audit.
Gets information about a Device Defender security profile.
Gets information about a stream.
Gets information about the specified thing.
Describe a thing group.
Describes a bulk thing provisioning task.
Gets information about the specified thing type.
Detaches a policy from the specified target.
Removes the specified policy from the specified certificate.
Disassociates a Device Defender security profile from a thing group or from this account.
Detaches the specified principal from the specified thing.
Disables the rule.
Enables the rule.
Returns a Device Defender's ML Detect Security Profile training model's status.
Aggregates on indexed data with search queries pertaining to particular fields.
Returns the approximate count of unique values that match the query.
Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the IoT device gateway.
Gets the indexing configuration.
Gets a job document.
Gets the logging options.
Gets an OTA update.
Gets information about the specified software package.
Gets information about the specified software package's configuration.
Gets information about the specified package version.
Groups the aggregated values that match the query into percentile groupings.
Gets information about the specified policy with the policy document of the default version.
Gets information about the specified policy version.
Gets a registration code used to register a CA certificate with IoT.
Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field.
Gets information about the rule.
Gets information about a topic rule destination.
Gets the fine grained logging options.
Lists the active violations for a given Device Defender security profile.
Lists the policies attached to the specified thing group.
Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period.
Gets the status of audit mitigation action tasks that were executed.
Gets a list of audit mitigation action tasks that match the specified filters.
Lists your Device Defender audit listings.
Lists the Device Defender audits that have been performed during a given time period.
Lists the authorizers registered in your account.
Lists the billing groups you have created.
Lists the CA certificates registered for your Amazon Web Services account.
Lists all your certificate providers in your Amazon Web Services account.
Lists the certificates registered in your Amazon Web Services account.
List the device certificates signed by the specified CA certificate.
Lists your Device Defender detect custom metrics.
Lists mitigation actions executions for a Device Defender ML Detect Security Profile.
List of Device Defender ML Detect mitigation actions tasks.
List the set of dimensions that are defined for your Amazon Web Services accounts.
Gets a list of domain configurations for the user.
Lists all your fleet metrics.
Lists the search indices.
Lists the job executions for a job.
Lists the job executions for the specified thing.
Returns a list of job templates.
Lists jobs.
Gets a list of all mitigation actions that match the specified filter criteria.
Lists OTA updates.
Lists certificates that are being transferred but not yet accepted.
Lists the software package versions associated to the account.
Lists the software packages associated to the account.
Lists your policies.
Lists the principals associated with the specified policy.
Lists the versions of the specified policy and identifies the default version.
Lists the policies attached to the specified principal.
Lists the things associated with the specified principal.
A list of provisioning template versions.
Lists the provisioning templates in your Amazon Web Services account.
The related resources of an Audit finding.
Lists the role aliases registered in your account.
Lists all of your scheduled audits.
Lists the Device Defender security profiles you've created.
Lists the Device Defender security profiles attached to a target (thing group).
Lists all of the streams in your Amazon Web Services account.
Lists the tags (metadata) you have assigned to the resource.
List targets for the specified policy.
Lists the targets (thing groups) associated with a given Device Defender security profile.
List the thing groups in your account.
List the thing groups to which the specified thing belongs.
Lists the principals associated with the specified thing.
List bulk thing provisioning tasks.
Lists the existing thing types.
Lists your things.
Lists the things you have added to the given billing group.
Lists the things in the specified group.
Lists all the topic rule destinations in your Amazon Web Services account.
Lists the rules for the specific topic.
Lists logging levels.
Lists the Device Defender security profile violations discovered during the given time period.
Registers a CA certificate with Amazon Web Services IoT Core.
Registers a device certificate with IoT in the same certificate mode: https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode as the signing CA.
Register a certificate that does not have a certificate authority (CA).
Provisions a thing in the device registry.
Rejects a pending certificate transfer.
Removes the given thing from the billing group.
Remove the specified thing from the specified group.
Replaces the rule.
The query search index.
Sets the default authorizer.
Sets the specified version of the specified policy as the policy's default (operative) version.
Sets the logging options.
Sets the logging level.
Sets the logging options for the V2 logging service.
Starts a task that applies a set of mitigation actions to the specified target.
Starts a Device Defender ML Detect mitigation actions task.
Starts an on-demand Device Defender audit.
Creates a bulk thing provisioning task.
Cancels a bulk thing provisioning task.
Adds to or modifies the tags of the given resource.
Tests if a specified principal is authorized to perform an IoT action on a specified resource.
Tests a custom authorization behavior by invoking a specified custom authorizer.
Transfers the specified certificate to the specified Amazon Web Services account.
Removes the given tags (metadata) from the resource.
Configures or reconfigures the Device Defender audit settings for this account.
Updates an authorizer.
Updates information about the billing group.
Updates a registered CA certificate.
Updates the status of the specified certificate.
Updates a certificate provider.
Updates a Device Defender detect custom metric.
Updates the definition for a dimension.
Updates values stored in the domain configuration.
Updates a dynamic thing group.
Updates the event configurations.
Updates the data for a fleet metric.
Updates the search configuration.
Updates supported fields of the specified job.
Updates the definition for the specified mitigation action.
Updates the supported fields for a specific software package.
Updates the software package configuration.
Updates the supported fields for a specific package version.
Updates a provisioning template.
Updates a role alias.
Updates a scheduled audit, including which checks are performed and how often the audit takes place.
Updates a Device Defender security profile.
Updates an existing stream.
Updates the data for a thing.
Update a thing group.
Updates the groups to which the thing belongs.
Updates a topic rule destination.
Validates a Device Defender security profile behaviors specification.
Functions
Accepts a pending certificate transfer.
The default state of the certificate is INACTIVE.
To check for pending certificate transfers, call ListCertificates
to enumerate your certificates.
accept_certificate_transfer(Client, CertificateId, Input0, Options0)
View SourceAdds a thing to a billing group.
Requires permission to access the AddThingToBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Adds a thing to a thing group.
Requires permission to access the AddThingToThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Associates a group with a continuous job.
The following criteria must be met:
The job must have been created with the
targetSelection
field set to "CONTINUOUS".The job status must currently be "IN_PROGRESS".
The total number of targets associated with a job must not exceed 100.
Attaches the specified policy to the specified principal (certificate or other credential).
Requires permission to access the AttachPolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Attaches the specified policy to the specified principal (certificate or other credential).
Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use AttachPolicy
instead.
Associates a Device Defender security profile with a thing group or this account.
Each thing group or account can have up to five security profiles associated with it.
Requires permission to access the AttachSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.attach_security_profile(Client, SecurityProfileName, Input0, Options0)
View SourceAttaches the specified principal to the specified thing.
A principal can be X.509 certificates, Amazon Cognito identities or federated identities.
Requires permission to access the AttachThingPrincipal: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Cancels a mitigation action task that is in progress.
If the task is not in progress, an InvalidRequestException occurs.
Requires permission to access the CancelAuditMitigationActionsTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.cancel_audit_mitigation_actions_task(Client, TaskId, Input0, Options0)
View SourceCancels an audit that is in progress.
The audit can be either scheduled or on demand. If the audit isn't in progress, an "InvalidRequestException" occurs.
Requires permission to access the CancelAuditTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Cancels a pending transfer for the specified certificate.
Note Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer
instead.) After transfer, IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled.
After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE.
Requires permission to access the CancelCertificateTransfer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.cancel_certificate_transfer(Client, CertificateId, Input0, Options0)
View SourceCancels a Device Defender ML Detect mitigation action.
Requires permission to access the CancelDetectMitigationActionsTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.cancel_detect_mitigation_actions_task(Client, TaskId, Input0, Options0)
View SourceCancels a job.
Requires permission to access the CancelJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Cancels the execution of a job for a given thing.
Requires permission to access the CancelJobExecution: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Clears the default authorizer.
Requires permission to access the ClearDefaultAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Confirms a topic rule destination.
When you create a rule requiring a destination, IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination
to confirm that you own or have access to the endpoint.
confirm_topic_rule_destination(Client, ConfirmationToken, QueryMap, HeadersMap)
View Sourceconfirm_topic_rule_destination(Client, ConfirmationToken, QueryMap, HeadersMap, Options0)
View SourceCreates a Device Defender audit suppression.
Requires permission to access the CreateAuditSuppression: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates an authorizer.
Requires permission to access the CreateAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a billing group.
Requires permission to access the CreateBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates an X.509 certificate using the specified certificate signing request.
Requires permission to access the CreateCertificateFromCsr: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256, NIST P-384, or NIST P-521 curves. For supported certificates, consult Certificate signing algorithms supported by IoT: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms.
Reusing the same certificate signing request (CSR) results in a distinct certificate.
You can create multiple certificates in a batch by creating a directory, copying multiple .csr
files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs. In the following commands, we assume that a set of CSRs are located inside of the directory my-csr-directory:
On Linux and OS X, the command is:
$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr
Amazon Web Services CLI command to create a certificate for the corresponding CSR.
You can also run the aws iot create-certificate-from-csr
part of the command in parallel to speed up the certificate creation process:
$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:
> ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}
On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:
> forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path"
create_certificate_provider(Client, CertificateProviderName, Input)
View SourceCreates an Amazon Web Services IoT Core certificate provider.
You can use Amazon Web Services IoT Core certificate provider to customize how to sign a certificate signing request (CSR) in IoT fleet provisioning. For more information, see Customizing certificate signing using Amazon Web Services IoT Core certificate provider: https://docs.aws.amazon.com/iot/latest/developerguide/provisioning-cert-provider.html from Amazon Web Services IoT Core Developer Guide.
Requires permission to access the CreateCertificateProvider: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
After you create a certificate provider, the behavior ofCreateCertificateFromCsr
API for fleet provisioning: https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr will change and all API calls to CreateCertificateFromCsr
will invoke the certificate provider to create the certificates. It can take up to a few minutes for this behavior to change after a certificate provider is created.
create_certificate_provider(Client, CertificateProviderName, Input0, Options0)
View SourceUse this API to define a Custom Metric published by your devices to Device Defender.
Requires permission to access the CreateCustomMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Create a dimension that you can use to limit the scope of a metric used in a security profile for IoT Device Defender.
For example, using a TOPIC_FILTER
dimension, you can narrow down the scope of the metric only to MQTT topics whose name match the pattern specified in the dimension.
create_domain_configuration(Client, DomainConfigurationName, Input)
View SourceCreates a domain configuration.
Requires permission to access the CreateDomainConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.create_domain_configuration(Client, DomainConfigurationName, Input0, Options0)
View SourceCreates a dynamic thing group.
Requires permission to access the CreateDynamicThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.create_dynamic_thing_group(Client, ThingGroupName, Input0, Options0)
View SourceCreates a fleet metric.
Requires permission to access the CreateFleetMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a job.
Requires permission to access the CreateJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a job template.
Requires permission to access the CreateJobTemplate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.
You can also call CreateKeysAndCertificate
over MQTT from a device, for more information, see Provisioning MQTT API: https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html#provision-mqtt-api.
Note This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location.
Requires permission to access the CreateKeysAndCertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask.
Only certain types of mitigation actions can be applied to specific check names. For more information, see Mitigation actions: https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-mitigation-actions.html. Each mitigation action can apply only one type of change.
Requires permission to access the CreateMitigationAction: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates an IoT OTA update on a target group of things or groups.
Requires permission to access the CreateOTAUpdate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates an IoT software package that can be deployed to your fleet.
Requires permission to access the CreatePackage: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions and GetIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions actions.Creates a new version for an existing IoT software package.
Requires permission to access the CreatePackageVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions and GetIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions actions.create_package_version(Client, PackageName, VersionName, Input0, Options0)
View SourceCreates an IoT policy.
The created policy is the default version for the policy. This operation creates a policy version with a version identifier of 1 and sets 1 as the policy's default version.
Requires permission to access the CreatePolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a new version of the specified IoT policy.
To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion
to delete an existing version before you create a new one.
Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached).
Requires permission to access the CreatePolicyVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a provisioning claim.
Requires permission to access the CreateProvisioningClaim: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a provisioning template.
Requires permission to access the CreateProvisioningTemplate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a new version of a provisioning template.
Requires permission to access the CreateProvisioningTemplateVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.create_provisioning_template_version(Client, TemplateName, Input0, Options0)
View SourceCreates a role alias.
Requires permission to access the CreateRoleAlias: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a scheduled audit that is run at a specified time interval.
Requires permission to access the CreateScheduledAudit: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.create_scheduled_audit(Client, ScheduledAuditName, Input0, Options0)
View SourceCreates a Device Defender security profile.
Requires permission to access the CreateSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.create_security_profile(Client, SecurityProfileName, Input0, Options0)
View SourceCreates a stream for delivering one or more large files in chunks over MQTT.
A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream.
Requires permission to access the CreateStream: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a thing record in the registry.
If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a ResourceAlreadyExistsException
is thrown.
This is a control plane operation. See Authorization: https://docs.aws.amazon.com/iot/latest/developerguide/iot-authorization.html for information about authorizing control plane actions.
Requires permission to access the CreateThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Create a thing group.
This is a control plane operation. See Authorization: https://docs.aws.amazon.com/iot/latest/developerguide/iot-authorization.html for information about authorizing control plane actions.
If the ThingGroup
that you create has the exact same attributes as an existing ThingGroup
, you will get a 200 success response.
Creates a new thing type.
Requires permission to access the CreateThingType: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a rule.
Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.
Requires permission to access the CreateTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a topic rule destination.
The destination must be confirmed prior to use.
Requires permission to access the CreateTopicRuleDestination: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Restores the default settings for Device Defender audits for this account.
Any configuration data you entered is deleted and all audit checks are reset to disabled.
Requires permission to access the DeleteAccountAuditConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a Device Defender audit suppression.
Requires permission to access the DeleteAuditSuppression: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes an authorizer.
Requires permission to access the DeleteAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes the billing group.
Requires permission to access the DeleteBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a registered CA certificate.
Requires permission to access the DeleteCACertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes the specified certificate.
A certificate cannot be deleted if it has a policy or IoT thing attached to it or if its status is set to ACTIVE. To delete a certificate, first use the DetachPolicy
action to detach all policies. Next, use the UpdateCertificate
action to set the certificate to the INACTIVE status.
delete_certificate_provider(Client, CertificateProviderName, Input)
View SourceDeletes a certificate provider.
Requires permission to access the DeleteCertificateProvider: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
If you delete the certificate provider resource, the behavior ofCreateCertificateFromCsr
will resume, and IoT will create certificates signed by IoT from a certificate signing request (CSR).
delete_certificate_provider(Client, CertificateProviderName, Input0, Options0)
View SourceDeletes a Device Defender detect custom metric.
Requires permission to access the DeleteCustomMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
Before you can delete a custom metric, you must first remove the custom metric from all security profiles it's a part of. The security profile associated with the custom metric can be found using the ListSecurityProfiles: https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html API withmetricName
set to your custom metric name.
Removes the specified dimension from your Amazon Web Services accounts.
Requires permission to access the DeleteDimension: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_domain_configuration(Client, DomainConfigurationName, Input)
View SourceDeletes the specified domain configuration.
Requires permission to access the DeleteDomainConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_domain_configuration(Client, DomainConfigurationName, Input0, Options0)
View SourceDeletes a dynamic thing group.
Requires permission to access the DeleteDynamicThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_dynamic_thing_group(Client, ThingGroupName, Input0, Options0)
View SourceDeletes the specified fleet metric.
Returns successfully with no error if the deletion is successful or you specify a fleet metric that doesn't exist.
Requires permission to access the DeleteFleetMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a job and its related job executions.
Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error.
Only 10 jobs may have status "DELETION_IN_PROGRESS" at the same time, or a LimitExceededException will occur.
Requires permission to access the DeleteJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_job_execution(Client, ExecutionNumber, JobId, ThingName, Input)
View SourceDeletes a job execution.
Requires permission to access the DeleteJobExecution: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_job_execution(Client, ExecutionNumber, JobId, ThingName, Input0, Options0)
View SourceDeletes a defined mitigation action from your Amazon Web Services accounts.
Requires permission to access the DeleteMitigationAction: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Delete an OTA update.
Requires permission to access the DeleteOTAUpdate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a specific version from a software package.
Note: All package versions must be deleted before deleting the software package.
Requires permission to access the DeletePackageVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a specific version from a software package.
Note: If a package version is designated as default, you must remove the designation from the software package using theUpdatePackage
action.
delete_package_version(Client, PackageName, VersionName, Input0, Options0)
View SourceDeletes the specified policy.
A policy cannot be deleted if it has non-default versions or it is attached to any certificate.
To delete a policy, use the DeletePolicyVersion
action to delete all non-default versions of the policy; use the DetachPolicy
action to detach the policy from any certificate; and then use the DeletePolicy action to delete the policy.
When a policy is deleted using DeletePolicy, its default version is deleted with it.
Because of the distributed nature of Amazon Web Services, it can take up to five minutes after a policy is detached before it's ready to be deleted.
Requires permission to access the DeletePolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes the specified version of the specified policy.
You cannot delete the default version of a policy using this action. To delete the default version of a policy, use DeletePolicy
. To find out which version of a policy is marked as the default version, use ListPolicyVersions.
delete_policy_version(Client, PolicyName, PolicyVersionId, Input0, Options0)
View SourceDeletes a provisioning template.
Requires permission to access the DeleteProvisioningTemplate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_provisioning_template(Client, TemplateName, Input0, Options0)
View Sourcedelete_provisioning_template_version(Client, TemplateName, VersionId, Input)
View SourceDeletes a provisioning template version.
Requires permission to access the DeleteProvisioningTemplateVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_provisioning_template_version(Client, TemplateName, VersionId, Input0, Options0)
View SourceDeletes a CA certificate registration code.
Requires permission to access the DeleteRegistrationCode: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a role alias
Requires permission to access the DeleteRoleAlias: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a scheduled audit.
Requires permission to access the DeleteScheduledAudit: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_scheduled_audit(Client, ScheduledAuditName, Input0, Options0)
View SourceDeletes a Device Defender security profile.
Requires permission to access the DeleteSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.delete_security_profile(Client, SecurityProfileName, Input0, Options0)
View SourceDeletes a stream.
Requires permission to access the DeleteStream: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes the specified thing.
Returns successfully with no error if the deletion is successful or you specify a thing that doesn't exist.
Requires permission to access the DeleteThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a thing group.
Requires permission to access the DeleteThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes the specified thing type.
You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType
, then remove any associated things by calling UpdateThing
to change the thing type on any associated thing, and finally use DeleteThingType
to delete the thing type.
Deletes the rule.
Requires permission to access the DeleteTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a topic rule destination.
Requires permission to access the DeleteTopicRuleDestination: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deletes a logging level.
Requires permission to access the DeleteV2LoggingLevel: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Deprecates a thing type.
You can not associate new things with deprecated thing type.
Requires permission to access the DeprecateThingType: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about the Device Defender audit settings for this account.
Settings include how audit notifications are sent and which audit checks are enabled or disabled.
Requires permission to access the DescribeAccountAuditConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_account_audit_configuration(Client, QueryMap, HeadersMap)
View Sourcedescribe_account_audit_configuration(Client, QueryMap, HeadersMap, Options0)
View SourceGets information about a single audit finding.
Properties include the reason for noncompliance, the severity of the issue, and the start time when the audit that returned the finding.
Requires permission to access the DescribeAuditFinding: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_audit_finding(Client, FindingId, QueryMap, HeadersMap, Options0)
View SourceGets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings.
Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics.describe_audit_mitigation_actions_task(Client, TaskId, QueryMap, HeadersMap)
View Sourcedescribe_audit_mitigation_actions_task(Client, TaskId, QueryMap, HeadersMap, Options0)
View SourceGets information about a Device Defender audit.
Requires permission to access the DescribeAuditTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_audit_task(Client, TaskId, QueryMap, HeadersMap, Options0)
View SourceDescribes an authorizer.
Requires permission to access the DescribeAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_authorizer(Client, AuthorizerName, QueryMap, HeadersMap, Options0)
View SourceReturns information about a billing group.
Requires permission to access the DescribeBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_billing_group(Client, BillingGroupName, QueryMap, HeadersMap)
View Sourcedescribe_billing_group(Client, BillingGroupName, QueryMap, HeadersMap, Options0)
View SourceDescribes a registered CA certificate.
Requires permission to access the DescribeCACertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_ca_certificate(Client, CertificateId, QueryMap, HeadersMap)
View Sourcedescribe_ca_certificate(Client, CertificateId, QueryMap, HeadersMap, Options0)
View SourceGets information about the specified certificate.
Requires permission to access the DescribeCertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_certificate(Client, CertificateId, QueryMap, HeadersMap, Options0)
View SourceDescribes a certificate provider.
Requires permission to access the DescribeCertificateProvider: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_certificate_provider(Client, CertificateProviderName, QueryMap, HeadersMap)
View Sourcedescribe_certificate_provider(Client, CertificateProviderName, QueryMap, HeadersMap, Options0)
View SourceGets information about a Device Defender detect custom metric.
Requires permission to access the DescribeCustomMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_custom_metric(Client, MetricName, QueryMap, HeadersMap, Options0)
View SourceDescribes the default authorizer.
Requires permission to access the DescribeDefaultAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_default_authorizer(Client, QueryMap, HeadersMap, Options0)
View SourceGets information about a Device Defender ML Detect mitigation action.
Requires permission to access the DescribeDetectMitigationActionsTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_detect_mitigation_actions_task(Client, TaskId, QueryMap, HeadersMap)
View Sourcedescribe_detect_mitigation_actions_task(Client, TaskId, QueryMap, HeadersMap, Options0)
View SourceProvides details about a dimension that is defined in your Amazon Web Services accounts.
Requires permission to access the DescribeDimension: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets summary information about a domain configuration.
Requires permission to access the DescribeDomainConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_domain_configuration(Client, DomainConfigurationName, QueryMap, HeadersMap)
View Sourcedescribe_domain_configuration(Client, DomainConfigurationName, QueryMap, HeadersMap, Options0)
View SourceReturns or creates a unique endpoint specific to the Amazon Web Services account making the call.
The first time DescribeEndpoint
is called, an endpoint is created. All subsequent calls to DescribeEndpoint
return the same endpoint.
Describes event configurations.
Requires permission to access the DescribeEventConfigurations: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_event_configurations(Client, QueryMap, HeadersMap, Options0)
View SourceGets information about the specified fleet metric.
Requires permission to access the DescribeFleetMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_fleet_metric(Client, MetricName, QueryMap, HeadersMap, Options0)
View SourceDescribes a search index.
Requires permission to access the DescribeIndex: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Describes a job.
Requires permission to access the DescribeJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Describes a job execution.
Requires permission to access the DescribeJobExecution: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_job_execution(Client, JobId, ThingName, QueryMap, HeadersMap)
View Sourcedescribe_job_execution(Client, JobId, ThingName, QueryMap, HeadersMap, Options0)
View Sourcedescribe_job_template(Client, JobTemplateId, QueryMap, HeadersMap)
View Sourcedescribe_job_template(Client, JobTemplateId, QueryMap, HeadersMap, Options0)
View Sourcedescribe_managed_job_template(Client, TemplateName, QueryMap, HeadersMap)
View Sourcedescribe_managed_job_template(Client, TemplateName, QueryMap, HeadersMap, Options0)
View SourceGets information about a mitigation action.
Requires permission to access the DescribeMitigationAction: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_mitigation_action(Client, ActionName, QueryMap, HeadersMap)
View Sourcedescribe_mitigation_action(Client, ActionName, QueryMap, HeadersMap, Options0)
View SourceReturns information about a provisioning template.
Requires permission to access the DescribeProvisioningTemplate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_provisioning_template(Client, TemplateName, QueryMap, HeadersMap)
View Sourcedescribe_provisioning_template(Client, TemplateName, QueryMap, HeadersMap, Options0)
View Sourcedescribe_provisioning_template_version(Client, TemplateName, VersionId)
View SourceReturns information about a provisioning template version.
Requires permission to access the DescribeProvisioningTemplateVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_provisioning_template_version(Client, TemplateName, VersionId, QueryMap, HeadersMap)
View Sourcedescribe_provisioning_template_version(Client, TemplateName, VersionId, QueryMap, HeadersMap, Options0)
View SourceDescribes a role alias.
Requires permission to access the DescribeRoleAlias: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_role_alias(Client, RoleAlias, QueryMap, HeadersMap, Options0)
View SourceGets information about a scheduled audit.
Requires permission to access the DescribeScheduledAudit: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_scheduled_audit(Client, ScheduledAuditName, QueryMap, HeadersMap)
View Sourcedescribe_scheduled_audit(Client, ScheduledAuditName, QueryMap, HeadersMap, Options0)
View SourceGets information about a Device Defender security profile.
Requires permission to access the DescribeSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_security_profile(Client, SecurityProfileName, QueryMap, HeadersMap)
View Sourcedescribe_security_profile(Client, SecurityProfileName, QueryMap, HeadersMap, Options0)
View SourceGets information about a stream.
Requires permission to access the DescribeStream: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about the specified thing.
Requires permission to access the DescribeThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Describe a thing group.
Requires permission to access the DescribeThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_thing_group(Client, ThingGroupName, QueryMap, HeadersMap)
View Sourcedescribe_thing_group(Client, ThingGroupName, QueryMap, HeadersMap, Options0)
View SourceDescribes a bulk thing provisioning task.
Requires permission to access the DescribeThingRegistrationTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_thing_registration_task(Client, TaskId, QueryMap, HeadersMap)
View Sourcedescribe_thing_registration_task(Client, TaskId, QueryMap, HeadersMap, Options0)
View SourceGets information about the specified thing type.
Requires permission to access the DescribeThingType: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.describe_thing_type(Client, ThingTypeName, QueryMap, HeadersMap, Options0)
View SourceDetaches a policy from the specified target.
Because of the distributed nature of Amazon Web Services, it can take up to five minutes after a policy is detached before it's ready to be deleted.
Requires permission to access the DetachPolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Removes the specified policy from the specified certificate.
Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use DetachPolicy
instead.
Disassociates a Device Defender security profile from a thing group or from this account.
Requires permission to access the DetachSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.detach_security_profile(Client, SecurityProfileName, Input0, Options0)
View SourceDetaches the specified principal from the specified thing.
A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.
This call is asynchronous. It might take several seconds for the detachment to propagate.
Requires permission to access the DetachThingPrincipal: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Disables the rule.
Requires permission to access the DisableTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Enables the rule.
Requires permission to access the EnableTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Returns a Device Defender's ML Detect Security Profile training model's status.
Requires permission to access the GetBehaviorModelTrainingSummaries: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_behavior_model_training_summaries(Client, QueryMap, HeadersMap)
View Sourceget_behavior_model_training_summaries(Client, QueryMap, HeadersMap, Options0)
View SourceAggregates on indexed data with search queries pertaining to particular fields.
Requires permission to access the GetBucketsAggregation: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Returns the approximate count of unique values that match the query.
Requires permission to access the GetCardinality: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the IoT device gateway.
Requires permission to access the GetEffectivePolicies: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets the indexing configuration.
Requires permission to access the GetIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_indexing_configuration(Client, QueryMap, HeadersMap, Options0)
View SourceGets a job document.
Requires permission to access the GetJobDocument: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets the logging options.
NOTE: use of this command is not recommended. Use GetV2LoggingOptions
instead.
Gets an OTA update.
Requires permission to access the GetOTAUpdate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_ota_update(Client, OtaUpdateId, QueryMap, HeadersMap, Options0)
View SourceGets information about the specified software package.
Requires permission to access the GetPackage: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about the specified software package's configuration.
Requires permission to access the GetPackageConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about the specified package version.
Requires permission to access the GetPackageVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_package_version(Client, PackageName, VersionName, QueryMap, HeadersMap)
View Sourceget_package_version(Client, PackageName, VersionName, QueryMap, HeadersMap, Options0)
View SourceGroups the aggregated values that match the query into percentile groupings.
The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles
. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group "1" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group "5" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values.
Gets information about the specified policy with the policy document of the default version.
Requires permission to access the GetPolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about the specified policy version.
Requires permission to access the GetPolicyVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_policy_version(Client, PolicyName, PolicyVersionId, QueryMap, HeadersMap)
View Sourceget_policy_version(Client, PolicyName, PolicyVersionId, QueryMap, HeadersMap, Options0)
View SourceGets a registration code used to register a CA certificate with IoT.
IoT will create a registration code as part of this API call if the registration code doesn't exist or has been deleted. If you already have a registration code, this API call will return the same registration code.
Requires permission to access the GetRegistrationCode: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field.
If the aggregation field is of type String
, only the count statistic is returned.
Gets information about the rule.
Requires permission to access the GetTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets information about a topic rule destination.
Requires permission to access the GetTopicRuleDestination: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.get_topic_rule_destination(Client, Arn, QueryMap, HeadersMap, Options0)
View SourceGets the fine grained logging options.
Requires permission to access the GetV2LoggingOptions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the active violations for a given Device Defender security profile.
Requires permission to access the ListActiveViolations: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the policies attached to the specified thing group.
Requires permission to access the ListAttachedPolicies: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period.
(Findings are retained for 90 days.)
Requires permission to access the ListAuditFindings: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_audit_mitigation_actions_executions(Client, FindingId, TaskId)
View SourceGets the status of audit mitigation action tasks that were executed.
Requires permission to access the ListAuditMitigationActionsExecutions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_audit_mitigation_actions_executions(Client, FindingId, TaskId, QueryMap, HeadersMap)
View Sourcelist_audit_mitigation_actions_executions(Client, FindingId, TaskId, QueryMap, HeadersMap, Options0)
View SourceGets a list of audit mitigation action tasks that match the specified filters.
Requires permission to access the ListAuditMitigationActionsTasks: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_audit_mitigation_actions_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap)
View Sourcelist_audit_mitigation_actions_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap, Options0)
View SourceLists your Device Defender audit listings.
Requires permission to access the ListAuditSuppressions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the Device Defender audits that have been performed during a given time period.
Requires permission to access the ListAuditTasks: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_audit_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap)
View Sourcelist_audit_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap, Options0)
View SourceLists the authorizers registered in your account.
Requires permission to access the ListAuthorizers: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the billing groups you have created.
Requires permission to access the ListBillingGroups: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the CA certificates registered for your Amazon Web Services account.
The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
Requires permission to access the ListCACertificates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists all your certificate providers in your Amazon Web Services account.
Requires permission to access the ListCertificateProviders: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_certificate_providers(Client, QueryMap, HeadersMap, Options0)
View SourceLists the certificates registered in your Amazon Web Services account.
The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
Requires permission to access the ListCertificates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.List the device certificates signed by the specified CA certificate.
Requires permission to access the ListCertificatesByCA: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_certificates_by_ca(Client, CaCertificateId, QueryMap, HeadersMap)
View Sourcelist_certificates_by_ca(Client, CaCertificateId, QueryMap, HeadersMap, Options0)
View SourceLists your Device Defender detect custom metrics.
Requires permission to access the ListCustomMetrics: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists mitigation actions executions for a Device Defender ML Detect Security Profile.
Requires permission to access the ListDetectMitigationActionsExecutions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_detect_mitigation_actions_executions(Client, QueryMap, HeadersMap)
View Sourcelist_detect_mitigation_actions_executions(Client, QueryMap, HeadersMap, Options0)
View SourceList of Device Defender ML Detect mitigation actions tasks.
Requires permission to access the ListDetectMitigationActionsTasks: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_detect_mitigation_actions_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap)
View Sourcelist_detect_mitigation_actions_tasks(Client, EndTime, StartTime, QueryMap, HeadersMap, Options0)
View SourceList the set of dimensions that are defined for your Amazon Web Services accounts.
Requires permission to access the ListDimensions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Gets a list of domain configurations for the user.
This list is sorted alphabetically by domain configuration name.
Requires permission to access the ListDomainConfigurations: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_domain_configurations(Client, QueryMap, HeadersMap, Options0)
View SourceLists all your fleet metrics.
Requires permission to access the ListFleetMetrics: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the search indices.
Requires permission to access the ListIndices: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the job executions for a job.
Requires permission to access the ListJobExecutionsForJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_job_executions_for_job(Client, JobId, QueryMap, HeadersMap, Options0)
View SourceLists the job executions for the specified thing.
Requires permission to access the ListJobExecutionsForThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_job_executions_for_thing(Client, ThingName, QueryMap, HeadersMap)
View Sourcelist_job_executions_for_thing(Client, ThingName, QueryMap, HeadersMap, Options0)
View SourceReturns a list of job templates.
Requires permission to access the ListJobTemplates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists jobs.
Requires permission to access the ListJobs: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_managed_job_templates(Client, QueryMap, HeadersMap, Options0)
View Sourcelist_metric_values(Client, EndTime, MetricName, StartTime, ThingName)
View Sourcelist_metric_values(Client, EndTime, MetricName, StartTime, ThingName, QueryMap, HeadersMap)
View Sourcelist_metric_values(Client, EndTime, MetricName, StartTime, ThingName, QueryMap, HeadersMap, Options0)
View SourceGets a list of all mitigation actions that match the specified filter criteria.
Requires permission to access the ListMitigationActions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists OTA updates.
Requires permission to access the ListOTAUpdates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists certificates that are being transferred but not yet accepted.
Requires permission to access the ListOutgoingCertificates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_outgoing_certificates(Client, QueryMap, HeadersMap, Options0)
View SourceLists the software package versions associated to the account.
Requires permission to access the ListPackageVersions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_package_versions(Client, PackageName, QueryMap, HeadersMap, Options0)
View SourceLists the software packages associated to the account.
Requires permission to access the ListPackages: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists your policies.
Requires permission to access the ListPolicies: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the principals associated with the specified policy.
Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use ListTargetsForPolicy
instead.
list_policy_principals(Client, PolicyName, QueryMap, HeadersMap, Options0)
View SourceLists the versions of the specified policy and identifies the default version.
Requires permission to access the ListPolicyVersions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_policy_versions(Client, PolicyName, QueryMap, HeadersMap, Options0)
View SourceLists the policies attached to the specified principal.
If you use an Cognito identity, the ID must be in AmazonCognito Identity format: https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetCredentialsForIdentity.html#API_GetCredentialsForIdentity_RequestSyntax.
Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use ListAttachedPolicies
instead.
list_principal_policies(Client, Principal, QueryMap, HeadersMap, Options0)
View SourceLists the things associated with the specified principal.
A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.
Requires permission to access the ListPrincipalThings: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_principal_things(Client, Principal, QueryMap, HeadersMap, Options0)
View SourceA list of provisioning template versions.
Requires permission to access the ListProvisioningTemplateVersions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_provisioning_template_versions(Client, TemplateName, QueryMap, HeadersMap)
View Sourcelist_provisioning_template_versions(Client, TemplateName, QueryMap, HeadersMap, Options0)
View SourceLists the provisioning templates in your Amazon Web Services account.
Requires permission to access the ListProvisioningTemplates: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_provisioning_templates(Client, QueryMap, HeadersMap, Options0)
View SourceLists the role aliases registered in your account.
Requires permission to access the ListRoleAliases: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists all of your scheduled audits.
Requires permission to access the ListScheduledAudits: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the Device Defender security profiles you've created.
You can filter security profiles by dimension or custom metric.
Requires permission to access the ListSecurityProfiles: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
dimensionName
and metricName
cannot be used in the same request.
list_security_profiles_for_target(Client, SecurityProfileTargetArn)
View SourceLists the Device Defender security profiles attached to a target (thing group).
Requires permission to access the ListSecurityProfilesForTarget: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_security_profiles_for_target(Client, SecurityProfileTargetArn, QueryMap, HeadersMap)
View Sourcelist_security_profiles_for_target(Client, SecurityProfileTargetArn, QueryMap, HeadersMap, Options0)
View SourceLists all of the streams in your Amazon Web Services account.
Requires permission to access the ListStreams: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the tags (metadata) you have assigned to the resource.
Requires permission to access the ListTagsForResource: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap, Options0)
View SourceList targets for the specified policy.
Requires permission to access the ListTargetsForPolicy: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the targets (thing groups) associated with a given Device Defender security profile.
Requires permission to access the ListTargetsForSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_targets_for_security_profile(Client, SecurityProfileName, QueryMap, HeadersMap)
View Sourcelist_targets_for_security_profile(Client, SecurityProfileName, QueryMap, HeadersMap, Options0)
View SourceList the thing groups in your account.
Requires permission to access the ListThingGroups: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.List the thing groups to which the specified thing belongs.
Requires permission to access the ListThingGroupsForThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_thing_groups_for_thing(Client, ThingName, QueryMap, HeadersMap)
View Sourcelist_thing_groups_for_thing(Client, ThingName, QueryMap, HeadersMap, Options0)
View SourceLists the principals associated with the specified thing.
A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.
Requires permission to access the ListThingPrincipals: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_thing_principals(Client, ThingName, QueryMap, HeadersMap, Options0)
View Sourcelist_thing_registration_task_reports(Client, TaskId, ReportType, QueryMap, HeadersMap)
View Sourcelist_thing_registration_task_reports(Client, TaskId, ReportType, QueryMap, HeadersMap, Options0)
View SourceList bulk thing provisioning tasks.
Requires permission to access the ListThingRegistrationTasks: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_thing_registration_tasks(Client, QueryMap, HeadersMap, Options0)
View SourceLists the existing thing types.
Requires permission to access the ListThingTypes: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists your things.
Use the attributeName and attributeValue parameters to filter your things. For example, calling ListThings
with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute Color with the value Red. For more information, see List Things: https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html#list-things from the Amazon Web Services IoT Core Developer Guide.
Requires permission to access the ListThings: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
You will not be charged for calling this API if anAccess denied
error is returned. You will also not be charged if no attributes or pagination token was provided in request and no pagination token and no results were returned.
Lists the things you have added to the given billing group.
Requires permission to access the ListThingsInBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_things_in_billing_group(Client, BillingGroupName, QueryMap, HeadersMap)
View Sourcelist_things_in_billing_group(Client, BillingGroupName, QueryMap, HeadersMap, Options0)
View SourceLists the things in the specified group.
Requires permission to access the ListThingsInThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_things_in_thing_group(Client, ThingGroupName, QueryMap, HeadersMap)
View Sourcelist_things_in_thing_group(Client, ThingGroupName, QueryMap, HeadersMap, Options0)
View SourceLists all the topic rule destinations in your Amazon Web Services account.
Requires permission to access the ListTopicRuleDestinations: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_topic_rule_destinations(Client, QueryMap, HeadersMap, Options0)
View SourceLists the rules for the specific topic.
Requires permission to access the ListTopicRules: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists logging levels.
Requires permission to access the ListV2LoggingLevels: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Lists the Device Defender security profile violations discovered during the given time period.
You can use filters to limit the results to those alerts issued for a particular security profile, behavior, or thing (device).
Requires permission to access the ListViolationEvents: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.list_violation_events(Client, EndTime, StartTime, QueryMap, HeadersMap)
View Sourcelist_violation_events(Client, EndTime, StartTime, QueryMap, HeadersMap, Options0)
View Sourceput_verification_state_on_violation(Client, ViolationId, Input0, Options0)
View SourceRegisters a CA certificate with Amazon Web Services IoT Core.
There is no limit to the number of CA certificates you can register in your Amazon Web Services account. You can register up to 10 CA certificates with the same CA subject field
per Amazon Web Services account.
Registers a device certificate with IoT in the same certificate mode: https://docs.aws.amazon.com/iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode as the signing CA.
If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.
Requires permission to access the RegisterCertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Register a certificate that does not have a certificate authority (CA).
For supported certificates, consult Certificate signing algorithms supported by IoT: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html#x509-cert-algorithms.Provisions a thing in the device registry.
RegisterThing calls other IoT control plane APIs. These calls might exceed your account level IoT Throttling Limits: https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_iot and cause throttle errors. Please contact Amazon Web Services Customer Support: https://console.aws.amazon.com/support/home to raise your throttling limits if necessary.
Requires permission to access the RegisterThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Rejects a pending certificate transfer.
After IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE.
To check for pending certificate transfers, call ListCertificates
to enumerate your certificates.
This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state.
Requires permission to access the RejectCertificateTransfer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.reject_certificate_transfer(Client, CertificateId, Input0, Options0)
View SourceRemoves the given thing from the billing group.
Requires permission to access the RemoveThingFromBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
This call is asynchronous. It might take several seconds for the detachment to propagate.Remove the specified thing from the specified group.
You must specify either a thingGroupArn
or a thingGroupName
to identify the thing group and either a thingArn
or a thingName
to identify the thing to remove from the thing group.
Replaces the rule.
You must specify all parameters for the new rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.
Requires permission to access the ReplaceTopicRule: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.The query search index.
Requires permission to access the SearchIndex: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Sets the default authorizer.
This will be used if a websocket connection is made without specifying an authorizer.
Requires permission to access the SetDefaultAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.set_default_policy_version(Client, PolicyName, PolicyVersionId, Input)
View SourceSets the specified version of the specified policy as the policy's default (operative) version.
This action affects all certificates to which the policy is attached. To list the principals the policy is attached to, use the ListPrincipalPolicies
action.
set_default_policy_version(Client, PolicyName, PolicyVersionId, Input0, Options0)
View SourceSets the logging options.
NOTE: use of this command is not recommended. Use SetV2LoggingOptions
instead.
Sets the logging level.
Requires permission to access the SetV2LoggingLevel: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Sets the logging options for the V2 logging service.
Requires permission to access the SetV2LoggingOptions: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Starts a task that applies a set of mitigation actions to the specified target.
Requires permission to access the StartAuditMitigationActionsTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.start_audit_mitigation_actions_task(Client, TaskId, Input0, Options0)
View SourceStarts a Device Defender ML Detect mitigation actions task.
Requires permission to access the StartDetectMitigationActionsTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.start_detect_mitigation_actions_task(Client, TaskId, Input0, Options0)
View SourceStarts an on-demand Device Defender audit.
Requires permission to access the StartOnDemandAuditTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Creates a bulk thing provisioning task.
Requires permission to access the StartThingRegistrationTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Cancels a bulk thing provisioning task.
Requires permission to access the StopThingRegistrationTask: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Adds to or modifies the tags of the given resource.
Tags are metadata which can be used to manage a resource.
Requires permission to access the TagResource: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Tests if a specified principal is authorized to perform an IoT action on a specified resource.
Use this to test and debug the authorization behavior of devices that connect to the IoT device gateway.
Requires permission to access the TestAuthorization: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Tests a custom authorization behavior by invoking a specified custom authorizer.
Use this to test and debug the custom authorization behavior of devices that connect to the IoT device gateway.
Requires permission to access the TestInvokeAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Transfers the specified certificate to the specified Amazon Web Services account.
Requires permission to access the TransferCertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
You can cancel the transfer until it is acknowledged by the recipient.
No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target.
The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate
action to deactivate it.
DetachPolicy
action to detach them.
Removes the given tags (metadata) from the resource.
Requires permission to access the UntagResource: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Configures or reconfigures the Device Defender audit settings for this account.
Settings include how audit notifications are sent and which audit checks are enabled or disabled.
Requires permission to access the UpdateAccountAuditConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates an authorizer.
Requires permission to access the UpdateAuthorizer: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates information about the billing group.
Requires permission to access the UpdateBillingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates a registered CA certificate.
Requires permission to access the UpdateCACertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the status of the specified certificate.
This operation is idempotent.
Requires permission to access the UpdateCertificate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.
Certificates must be in the ACTIVE state to authenticate devices that use a certificate to connect to IoT.
Within a few minutes of updating a certificate from the ACTIVE state to any other state, IoT disconnects all devices that used that certificate to connect. Devices cannot use a certificate that is not in the ACTIVE state to reconnect.update_certificate_provider(Client, CertificateProviderName, Input)
View SourceUpdates a certificate provider.
Requires permission to access the UpdateCertificateProvider: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_certificate_provider(Client, CertificateProviderName, Input0, Options0)
View SourceUpdates a Device Defender detect custom metric.
Requires permission to access the UpdateCustomMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the definition for a dimension.
You cannot change the type of a dimension after it is created (you can delete it and recreate it).
Requires permission to access the UpdateDimension: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_domain_configuration(Client, DomainConfigurationName, Input)
View SourceUpdates values stored in the domain configuration.
Domain configurations for default endpoints can't be updated.
Requires permission to access the UpdateDomainConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_domain_configuration(Client, DomainConfigurationName, Input0, Options0)
View SourceUpdates a dynamic thing group.
Requires permission to access the UpdateDynamicThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_dynamic_thing_group(Client, ThingGroupName, Input0, Options0)
View SourceUpdates the event configurations.
Requires permission to access the UpdateEventConfigurations: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the data for a fleet metric.
Requires permission to access the UpdateFleetMetric: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the search configuration.
Requires permission to access the UpdateIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates supported fields of the specified job.
Requires permission to access the UpdateJob: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the definition for the specified mitigation action.
Requires permission to access the UpdateMitigationAction: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the supported fields for a specific software package.
Requires permission to access the UpdatePackage: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions and GetIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions actions.Updates the software package configuration.
Requires permission to access the UpdatePackageConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions and iam:PassRole: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html actions.Updates the supported fields for a specific package version.
Requires permission to access the UpdatePackageVersion: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions and GetIndexingConfiguration: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions actions.update_package_version(Client, PackageName, VersionName, Input0, Options0)
View SourceUpdates a provisioning template.
Requires permission to access the UpdateProvisioningTemplate: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_provisioning_template(Client, TemplateName, Input0, Options0)
View SourceUpdates a role alias.
Requires permission to access the UpdateRoleAlias: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates a scheduled audit, including which checks are performed and how often the audit takes place.
Requires permission to access the UpdateScheduledAudit: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_scheduled_audit(Client, ScheduledAuditName, Input0, Options0)
View SourceUpdates a Device Defender security profile.
Requires permission to access the UpdateSecurityProfile: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.update_security_profile(Client, SecurityProfileName, Input0, Options0)
View SourceUpdates an existing stream.
The stream version will be incremented by one.
Requires permission to access the UpdateStream: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the data for a thing.
Requires permission to access the UpdateThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Update a thing group.
Requires permission to access the UpdateThingGroup: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates the groups to which the thing belongs.
Requires permission to access the UpdateThingGroupsForThing: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Updates a topic rule destination.
You use this to change the status, endpoint URL, or confirmation URL of the destination.
Requires permission to access the UpdateTopicRuleDestination: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.Validates a Device Defender security profile behaviors specification.
Requires permission to access the ValidateSecurityProfileBehaviors: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions action.