@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api AWS IoT @version 2015-05-28 @auth AWS SigV4 @endpoints 255 @hint download_for_search @toc accept-certificate-transfer(1), billing-groups(8), thing-groups(9), jobs(9), target-policies(2), principal-policies(3), security-profiles(8), things(14), audit(25), cancel-certificate-transfer(1), detect(5), default-authorizer(3), confirmdestination(1), authorizer(5), certificates(5), certificate-providers(5), custom-metric(4), dimensions(5), domainConfigurations(5), dynamic-thing-groups(3), fleet-metric(4), job-templates(4), keys-and-certificate(1), mitigationactions(5), otaUpdates(4), packages(10), policies(9), provisioning-templates(10), role-aliases(5), streams(5), thing-types(5), rules(7), destinations(5), cacertificate(4), registrationcode(2), v2LoggingLevel(3), endpoint(1), event-configurations(2), indices(7), managed-job-templates(2), thing-registration-tasks(5), behavior-model-training(1), effective-policies(1), indexing(2), loggingOptions(2), package-configuration(2), v2LoggingOptions(2), active-violations(1), attached-policies(1), authorizers(1), cacertificates(1), certificates-by-ca(1), custom-metrics(1), fleet-metrics(1), metric-values(1), certificates-out-going(1), policy-principals(1), principals(1), security-profiles-for-target(1), tags(2), policy-targets(1), violation-events(1), violations(1), certificate(2), reject-certificate-transfer(1), test-authorization(1), transfer-certificate(1), untag(1), security-profile-behaviors(1) @group accept-certificate-transfer @endpoint PATCH /accept-certificate-transfer/{certificateId} @desc Accepts a pending certificate transfer. The default state of the certificate is INACTIVE. To check for pending certificate transfers, call ListCertificates to enumerate your certificates. Requires permission to access the AcceptCertificateTransfer action. @required {certificateId: str} @optional {setAsActive: bool} @endgroup @group billing-groups @endpoint PUT /billing-groups/addThingToBillingGroup @desc Adds a thing to a billing group. Requires permission to access the AddThingToBillingGroup action. @optional {billingGroupName: str, billingGroupArn: str, thingName: str, thingArn: str} @endgroup @group thing-groups @endpoint PUT /thing-groups/addThingToThingGroup @desc Adds a thing to a thing group. Requires permission to access the AddThingToThingGroup action. @optional {thingGroupName: str, thingGroupArn: str, thingName: str, thingArn: str, overrideDynamicGroups: bool} @endgroup @group jobs @endpoint POST /jobs/{jobId}/targets @desc Associates a group with a continuous job. The following criteria must be met: The job must have been created with the targetSelection field set to "CONTINUOUS". The job status must currently be "IN_PROGRESS". The total number of targets associated with a job must not exceed 100. Requires permission to access the AssociateTargetsWithJob action. @required {jobId: str, targets: [str]} @optional {namespaceId: str, comment: str} @returns(200) {jobArn: str?, jobId: str?, description: str?} @endgroup @group target-policies @endpoint PUT /target-policies/{policyName} @desc Attaches the specified policy to the specified principal (certificate or other credential). Requires permission to access the AttachPolicy action. @required {policyName: str, target: str} @endgroup @group principal-policies @endpoint PUT /principal-policies/{policyName} @desc Attaches the specified policy to the specified principal (certificate or other credential). Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use AttachPolicy instead. Requires permission to access the AttachPrincipalPolicy action. @required {policyName: str, x-amzn-iot-principal: str} @endgroup @group security-profiles @endpoint PUT /security-profiles/{securityProfileName}/targets @desc Associates a Device Defender security profile with a thing group or this account. Each thing group or account can have up to five security profiles associated with it. Requires permission to access the AttachSecurityProfile action. @required {securityProfileName: str, securityProfileTargetArn: str} @endgroup @group things @endpoint PUT /things/{thingName}/principals @desc Attaches the specified principal to the specified thing. A principal can be X.509 certificates, Amazon Cognito identities or federated identities. Requires permission to access the AttachThingPrincipal action. @required {thingName: str, x-amzn-principal: str} @endgroup @group audit @endpoint PUT /audit/mitigationactions/tasks/{taskId}/cancel @desc Cancels a mitigation action task that is in progress. If the task is not in progress, an InvalidRequestException occurs. Requires permission to access the CancelAuditMitigationActionsTask action. @required {taskId: str} @endpoint PUT /audit/tasks/{taskId}/cancel @desc Cancels an audit that is in progress. The audit can be either scheduled or on demand. If the audit isn't in progress, an "InvalidRequestException" occurs. Requires permission to access the CancelAuditTask action. @required {taskId: str} @endgroup @group cancel-certificate-transfer @endpoint PATCH /cancel-certificate-transfer/{certificateId} @desc Cancels a pending transfer for the specified certificate. Note Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer instead.) After transfer, IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled. After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE. Requires permission to access the CancelCertificateTransfer action. @required {certificateId: str} @endgroup @group detect @endpoint PUT /detect/mitigationactions/tasks/{taskId}/cancel @desc Cancels a Device Defender ML Detect mitigation action. Requires permission to access the CancelDetectMitigationActionsTask action. @required {taskId: str} @endgroup @group jobs @endpoint PUT /jobs/{jobId}/cancel @desc Cancels a job. Requires permission to access the CancelJob action. @required {jobId: str} @optional {force: bool, reasonCode: str, comment: str} @returns(200) {jobArn: str?, jobId: str?, description: str?} @endgroup @group things @endpoint PUT /things/{thingName}/jobs/{jobId}/cancel @desc Cancels the execution of a job for a given thing. Requires permission to access the CancelJobExecution action. @required {jobId: str, thingName: str} @optional {force: bool, expectedVersion: int(i64), statusDetails: map} @endgroup @group default-authorizer @endpoint DELETE /default-authorizer @desc Clears the default authorizer. Requires permission to access the ClearDefaultAuthorizer action. @endgroup @group confirmdestination @endpoint GET /confirmdestination/{confirmationToken+} @desc Confirms a topic rule destination. When you create a rule requiring a destination, IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination to confirm that you own or have access to the endpoint. Requires permission to access the ConfirmTopicRuleDestination action. @required {confirmationToken: str} @endgroup @group audit @endpoint POST /audit/suppressions/create @desc Creates a Device Defender audit suppression. Requires permission to access the CreateAuditSuppression action. @required {checkName: str, resourceIdentifier: ResourceIdentifier, clientRequestToken: str} @optional {expirationDate: str(timestamp), suppressIndefinitely: bool, description: str} @endgroup @group authorizer @endpoint POST /authorizer/{authorizerName} @desc Creates an authorizer. Requires permission to access the CreateAuthorizer action. @required {authorizerName: str, authorizerFunctionArn: str} @optional {tokenKeyName: str, tokenSigningPublicKeys: map, status: str, tags: [Tag], signingDisabled: bool, enableCachingForHttp: bool} @returns(200) {authorizerName: str?, authorizerArn: str?} @endgroup @group billing-groups @endpoint POST /billing-groups/{billingGroupName} @desc Creates a billing group. Requires permission to access the CreateBillingGroup action. @required {billingGroupName: str} @optional {billingGroupProperties: BillingGroupProperties, tags: [Tag]} @returns(200) {billingGroupName: str?, billingGroupArn: str?, billingGroupId: str?} @endgroup @group certificates @endpoint POST /certificates @desc Creates an X.509 certificate using the specified certificate signing request. Requires permission to access the CreateCertificateFromCsr action. The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256, NIST P-384, or NIST P-521 curves. For supported certificates, consult Certificate signing algorithms supported by IoT. Reusing the same certificate signing request (CSR) results in a distinct certificate. You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs. In the following commands, we assume that a set of CSRs are located inside of the directory my-csr-directory: On Linux and OS X, the command is: $ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{} This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr Amazon Web Services CLI command to create a certificate for the corresponding CSR. You can also run the aws iot create-certificate-from-csr part of the command in parallel to speed up the certificate creation process: $ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{} On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is: > ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_} On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is: > forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path" @required {certificateSigningRequest: str} @optional {setAsActive: bool} @returns(200) {certificateArn: str?, certificateId: str?, certificatePem: str?} @endgroup @group certificate-providers @endpoint POST /certificate-providers/{certificateProviderName} @desc Creates an Amazon Web Services IoT Core certificate provider. You can use Amazon Web Services IoT Core certificate provider to customize how to sign a certificate signing request (CSR) in IoT fleet provisioning. For more information, see Customizing certificate signing using Amazon Web Services IoT Core certificate provider from Amazon Web Services IoT Core Developer Guide. Requires permission to access the CreateCertificateProvider action. After you create a certificate provider, the behavior of CreateCertificateFromCsr API for fleet provisioning will change and all API calls to CreateCertificateFromCsr will invoke the certificate provider to create the certificates. It can take up to a few minutes for this behavior to change after a certificate provider is created. @required {certificateProviderName: str, lambdaFunctionArn: str, accountDefaultForOperations: [str]} @optional {clientToken: str, tags: [Tag]} @returns(200) {certificateProviderName: str?, certificateProviderArn: str?} @endgroup @group custom-metric @endpoint POST /custom-metric/{metricName} @desc Use this API to define a Custom Metric published by your devices to Device Defender. Requires permission to access the CreateCustomMetric action. @required {metricName: str, metricType: str, clientRequestToken: str} @optional {displayName: str, tags: [Tag]} @returns(200) {metricName: str?, metricArn: str?} @endgroup @group dimensions @endpoint POST /dimensions/{name} @desc Create a dimension that you can use to limit the scope of a metric used in a security profile for IoT Device Defender. For example, using a TOPIC_FILTER dimension, you can narrow down the scope of the metric only to MQTT topics whose name match the pattern specified in the dimension. Requires permission to access the CreateDimension action. @required {name: str, type: str, stringValues: [str], clientRequestToken: str} @optional {tags: [Tag]} @returns(200) {name: str?, arn: str?} @endgroup @group domainConfigurations @endpoint POST /domainConfigurations/{domainConfigurationName} @desc Creates a domain configuration. Requires permission to access the CreateDomainConfiguration action. @required {domainConfigurationName: str} @optional {domainName: str, serverCertificateArns: [str], validationCertificateArn: str, authorizerConfig: AuthorizerConfig, serviceType: str, tags: [Tag], tlsConfig: TlsConfig, serverCertificateConfig: ServerCertificateConfig} @returns(200) {domainConfigurationName: str?, domainConfigurationArn: str?} @endgroup @group dynamic-thing-groups @endpoint POST /dynamic-thing-groups/{thingGroupName} @desc Creates a dynamic thing group. Requires permission to access the CreateDynamicThingGroup action. @required {thingGroupName: str, queryString: str} @optional {thingGroupProperties: ThingGroupProperties, indexName: str, queryVersion: str, tags: [Tag]} @returns(200) {thingGroupName: str?, thingGroupArn: str?, thingGroupId: str?, indexName: str?, queryString: str?, queryVersion: str?} @endgroup @group fleet-metric @endpoint PUT /fleet-metric/{metricName} @desc Creates a fleet metric. Requires permission to access the CreateFleetMetric action. @required {metricName: str, queryString: str, aggregationType: AggregationType, period: int, aggregationField: str} @optional {description: str, queryVersion: str, indexName: str, unit: str, tags: [Tag]} @returns(200) {metricName: str?, metricArn: str?} @endgroup @group jobs @endpoint PUT /jobs/{jobId} @desc Creates a job. Requires permission to access the CreateJob action. @required {jobId: str, targets: [str]} @optional {documentSource: str, document: str, description: str, presignedUrlConfig: PresignedUrlConfig, targetSelection: str, jobExecutionsRolloutConfig: JobExecutionsRolloutConfig, abortConfig: AbortConfig, timeoutConfig: TimeoutConfig, tags: [Tag], namespaceId: str, jobTemplateArn: str, jobExecutionsRetryConfig: JobExecutionsRetryConfig, documentParameters: map, schedulingConfig: SchedulingConfig, destinationPackageVersions: [str]} @returns(200) {jobArn: str?, jobId: str?, description: str?} @endgroup @group job-templates @endpoint PUT /job-templates/{jobTemplateId} @desc Creates a job template. Requires permission to access the CreateJobTemplate action. @required {jobTemplateId: str, description: str} @optional {jobArn: str, documentSource: str, document: str, presignedUrlConfig: PresignedUrlConfig, jobExecutionsRolloutConfig: JobExecutionsRolloutConfig, abortConfig: AbortConfig, timeoutConfig: TimeoutConfig, tags: [Tag], jobExecutionsRetryConfig: JobExecutionsRetryConfig, maintenanceWindows: [MaintenanceWindow], destinationPackageVersions: [str]} @returns(200) {jobTemplateArn: str?, jobTemplateId: str?} @endgroup @group keys-and-certificate @endpoint POST /keys-and-certificate @desc Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API. Note This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location. Requires permission to access the CreateKeysAndCertificate action. @optional {setAsActive: bool} @returns(200) {certificateArn: str?, certificateId: str?, certificatePem: str?, keyPair: KeyPair?{PublicKey: str?, PrivateKey: str?}} @endgroup @group mitigationactions @endpoint POST /mitigationactions/actions/{actionName} @desc Defines an action that can be applied to audit findings by using StartAuditMitigationActionsTask. Only certain types of mitigation actions can be applied to specific check names. For more information, see Mitigation actions. Each mitigation action can apply only one type of change. Requires permission to access the CreateMitigationAction action. @required {actionName: str, roleArn: str, actionParams: MitigationActionParams} @optional {tags: [Tag]} @returns(200) {actionArn: str?, actionId: str?} @endgroup @group otaUpdates @endpoint POST /otaUpdates/{otaUpdateId} @desc Creates an IoT OTA update on a target group of things or groups. Requires permission to access the CreateOTAUpdate action. @required {otaUpdateId: str, targets: [str], files: [OTAUpdateFile], roleArn: str} @optional {description: str, protocols: [str], targetSelection: str, awsJobExecutionsRolloutConfig: AwsJobExecutionsRolloutConfig, awsJobPresignedUrlConfig: AwsJobPresignedUrlConfig, awsJobAbortConfig: AwsJobAbortConfig, awsJobTimeoutConfig: AwsJobTimeoutConfig, additionalParameters: map, tags: [Tag]} @returns(200) {otaUpdateId: str?, awsIotJobId: str?, otaUpdateArn: str?, awsIotJobArn: str?, otaUpdateStatus: str?} @endgroup @group packages @endpoint PUT /packages/{packageName} @desc Creates an IoT software package that can be deployed to your fleet. Requires permission to access the CreatePackage and GetIndexingConfiguration actions. @required {packageName: str} @optional {clientToken: str, description: str, tags: map} @returns(200) {packageName: str?, packageArn: str?, description: str?} @endpoint PUT /packages/{packageName}/versions/{versionName} @desc Creates a new version for an existing IoT software package. Requires permission to access the CreatePackageVersion and GetIndexingConfiguration actions. @required {packageName: str, versionName: str} @optional {clientToken: str, description: str, attributes: map, tags: map} @returns(200) {packageVersionArn: str?, packageName: str?, versionName: str?, description: str?, attributes: map?, status: str?, errorReason: str?} @endgroup @group policies @endpoint POST /policies/{policyName} @desc Creates an IoT policy. The created policy is the default version for the policy. This operation creates a policy version with a version identifier of 1 and sets 1 as the policy's default version. Requires permission to access the CreatePolicy action. @required {policyName: str, policyDocument: str} @optional {tags: [Tag]} @returns(200) {policyName: str?, policyArn: str?, policyDocument: str?, policyVersionId: str?} @endpoint POST /policies/{policyName}/version @desc Creates a new version of the specified IoT policy. To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion to delete an existing version before you create a new one. Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached). Requires permission to access the CreatePolicyVersion action. @required {policyName: str, policyDocument: str} @optional {setAsDefault: bool} @returns(200) {policyArn: str?, policyDocument: str?, policyVersionId: str?, isDefaultVersion: bool?} @endgroup @group provisioning-templates @endpoint POST /provisioning-templates/{templateName}/provisioning-claim @desc Creates a provisioning claim. Requires permission to access the CreateProvisioningClaim action. @required {templateName: str} @returns(200) {certificateId: str?, certificatePem: str?, keyPair: KeyPair?{PublicKey: str?, PrivateKey: str?}, expiration: str(timestamp)?} @endpoint POST /provisioning-templates @desc Creates a provisioning template. Requires permission to access the CreateProvisioningTemplate action. @required {templateName: str, templateBody: str, provisioningRoleArn: str} @optional {description: str, enabled: bool, preProvisioningHook: ProvisioningHook, tags: [Tag], type: str} @returns(200) {templateArn: str?, templateName: str?, defaultVersionId: int?} @endpoint POST /provisioning-templates/{templateName}/versions @desc Creates a new version of a provisioning template. Requires permission to access the CreateProvisioningTemplateVersion action. @required {templateName: str, templateBody: str} @optional {setAsDefault: bool} @returns(200) {templateArn: str?, templateName: str?, versionId: int?, isDefaultVersion: bool?} @endgroup @group role-aliases @endpoint POST /role-aliases/{roleAlias} @desc Creates a role alias. Requires permission to access the CreateRoleAlias action. @required {roleAlias: str, roleArn: str} @optional {credentialDurationSeconds: int, tags: [Tag]} @returns(200) {roleAlias: str?, roleAliasArn: str?} @endgroup @group audit @endpoint POST /audit/scheduledaudits/{scheduledAuditName} @desc Creates a scheduled audit that is run at a specified time interval. Requires permission to access the CreateScheduledAudit action. @required {scheduledAuditName: str, frequency: str, targetCheckNames: [str]} @optional {dayOfMonth: str, dayOfWeek: str, tags: [Tag]} @returns(200) {scheduledAuditArn: str?} @endgroup @group security-profiles @endpoint POST /security-profiles/{securityProfileName} @desc Creates a Device Defender security profile. Requires permission to access the CreateSecurityProfile action. @required {securityProfileName: str} @optional {securityProfileDescription: str, behaviors: [Behavior], alertTargets: map, additionalMetricsToRetain: [str], additionalMetricsToRetainV2: [MetricToRetain], tags: [Tag], metricsExportConfig: MetricsExportConfig} @returns(200) {securityProfileName: str?, securityProfileArn: str?} @endgroup @group streams @endpoint POST /streams/{streamId} @desc Creates a stream for delivering one or more large files in chunks over MQTT. A stream transports data bytes in chunks or blocks packaged as MQTT messages from a source like S3. You can have one or more files associated with a stream. Requires permission to access the CreateStream action. @required {streamId: str, files: [StreamFile], roleArn: str} @optional {description: str, tags: [Tag]} @returns(200) {streamId: str?, streamArn: str?, description: str?, streamVersion: int?} @endgroup @group things @endpoint POST /things/{thingName} @desc Creates a thing record in the registry. If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a ResourceAlreadyExistsException is thrown. This is a control plane operation. See Authorization for information about authorizing control plane actions. Requires permission to access the CreateThing action. @required {thingName: str} @optional {thingTypeName: str, attributePayload: AttributePayload, billingGroupName: str} @returns(200) {thingName: str?, thingArn: str?, thingId: str?} @endgroup @group thing-groups @endpoint POST /thing-groups/{thingGroupName} @desc Create a thing group. This is a control plane operation. See Authorization for information about authorizing control plane actions. If the ThingGroup that you create has the exact same attributes as an existing ThingGroup, you will get a 200 success response. Requires permission to access the CreateThingGroup action. @required {thingGroupName: str} @optional {parentGroupName: str, thingGroupProperties: ThingGroupProperties, tags: [Tag]} @returns(200) {thingGroupName: str?, thingGroupArn: str?, thingGroupId: str?} @endgroup @group thing-types @endpoint POST /thing-types/{thingTypeName} @desc Creates a new thing type. Requires permission to access the CreateThingType action. @required {thingTypeName: str} @optional {thingTypeProperties: ThingTypeProperties, tags: [Tag]} @returns(200) {thingTypeName: str?, thingTypeArn: str?, thingTypeId: str?} @endgroup @group rules @endpoint POST /rules/{ruleName} @desc Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule. Requires permission to access the CreateTopicRule action. @required {ruleName: str, topicRulePayload: TopicRulePayload} @optional {x-amz-tagging: str} @endgroup @group destinations @endpoint POST /destinations @desc Creates a topic rule destination. The destination must be confirmed prior to use. Requires permission to access the CreateTopicRuleDestination action. @required {destinationConfiguration: TopicRuleDestinationConfiguration} @returns(200) {topicRuleDestination: TopicRuleDestination?{arn: str?, status: str?, createdAt: str(timestamp)?, lastUpdatedAt: str(timestamp)?, statusReason: str?, httpUrlProperties: HttpUrlDestinationProperties?{confirmationUrl: str?}, vpcProperties: VpcDestinationProperties?{subnetIds: [str]?, securityGroups: [str]?, vpcId: str?, roleArn: str?}}} @endgroup @group audit @endpoint DELETE /audit/configuration @desc Restores the default settings for Device Defender audits for this account. Any configuration data you entered is deleted and all audit checks are reset to disabled. Requires permission to access the DeleteAccountAuditConfiguration action. @optional {deleteScheduledAudits: bool} @endpoint POST /audit/suppressions/delete @desc Deletes a Device Defender audit suppression. Requires permission to access the DeleteAuditSuppression action. @required {checkName: str, resourceIdentifier: ResourceIdentifier} @endgroup @group authorizer @endpoint DELETE /authorizer/{authorizerName} @desc Deletes an authorizer. Requires permission to access the DeleteAuthorizer action. @required {authorizerName: str} @endgroup @group billing-groups @endpoint DELETE /billing-groups/{billingGroupName} @desc Deletes the billing group. Requires permission to access the DeleteBillingGroup action. @required {billingGroupName: str} @optional {expectedVersion: int(i64)} @endgroup @group cacertificate @endpoint DELETE /cacertificate/{caCertificateId} @desc Deletes a registered CA certificate. Requires permission to access the DeleteCACertificate action. @required {certificateId: str} @endgroup @group certificates @endpoint DELETE /certificates/{certificateId} @desc Deletes the specified certificate. A certificate cannot be deleted if it has a policy or IoT thing attached to it or if its status is set to ACTIVE. To delete a certificate, first use the DetachPolicy action to detach all policies. Next, use the UpdateCertificate action to set the certificate to the INACTIVE status. Requires permission to access the DeleteCertificate action. @required {certificateId: str} @optional {forceDelete: bool} @endgroup @group certificate-providers @endpoint DELETE /certificate-providers/{certificateProviderName} @desc Deletes a certificate provider. Requires permission to access the DeleteCertificateProvider action. If you delete the certificate provider resource, the behavior of CreateCertificateFromCsr will resume, and IoT will create certificates signed by IoT from a certificate signing request (CSR). @required {certificateProviderName: str} @endgroup @group custom-metric @endpoint DELETE /custom-metric/{metricName} @desc Deletes a Device Defender detect custom metric. Requires permission to access the DeleteCustomMetric action. Before you can delete a custom metric, you must first remove the custom metric from all security profiles it's a part of. The security profile associated with the custom metric can be found using the ListSecurityProfiles API with metricName set to your custom metric name. @required {metricName: str} @endgroup @group dimensions @endpoint DELETE /dimensions/{name} @desc Removes the specified dimension from your Amazon Web Services accounts. Requires permission to access the DeleteDimension action. @required {name: str} @endgroup @group domainConfigurations @endpoint DELETE /domainConfigurations/{domainConfigurationName} @desc Deletes the specified domain configuration. Requires permission to access the DeleteDomainConfiguration action. @required {domainConfigurationName: str} @endgroup @group dynamic-thing-groups @endpoint DELETE /dynamic-thing-groups/{thingGroupName} @desc Deletes a dynamic thing group. Requires permission to access the DeleteDynamicThingGroup action. @required {thingGroupName: str} @optional {expectedVersion: int(i64)} @endgroup @group fleet-metric @endpoint DELETE /fleet-metric/{metricName} @desc Deletes the specified fleet metric. Returns successfully with no error if the deletion is successful or you specify a fleet metric that doesn't exist. Requires permission to access the DeleteFleetMetric action. @required {metricName: str} @optional {expectedVersion: int(i64)} @endgroup @group jobs @endpoint DELETE /jobs/{jobId} @desc Deletes a job and its related job executions. Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error. Only 10 jobs may have status "DELETION_IN_PROGRESS" at the same time, or a LimitExceededException will occur. Requires permission to access the DeleteJob action. @required {jobId: str} @optional {force: bool, namespaceId: str} @endgroup @group things @endpoint DELETE /things/{thingName}/jobs/{jobId}/executionNumber/{executionNumber} @desc Deletes a job execution. Requires permission to access the DeleteJobExecution action. @required {jobId: str, thingName: str, executionNumber: int(i64)} @optional {force: bool, namespaceId: str} @endgroup @group job-templates @endpoint DELETE /job-templates/{jobTemplateId} @desc Deletes the specified job template. @required {jobTemplateId: str} @endgroup @group mitigationactions @endpoint DELETE /mitigationactions/actions/{actionName} @desc Deletes a defined mitigation action from your Amazon Web Services accounts. Requires permission to access the DeleteMitigationAction action. @required {actionName: str} @endgroup @group otaUpdates @endpoint DELETE /otaUpdates/{otaUpdateId} @desc Delete an OTA update. Requires permission to access the DeleteOTAUpdate action. @required {otaUpdateId: str} @optional {deleteStream: bool, forceDeleteAWSJob: bool} @endgroup @group packages @endpoint DELETE /packages/{packageName} @desc Deletes a specific version from a software package. Note: All package versions must be deleted before deleting the software package. Requires permission to access the DeletePackageVersion action. @required {packageName: str} @optional {clientToken: str} @endpoint DELETE /packages/{packageName}/versions/{versionName} @desc Deletes a specific version from a software package. Note: If a package version is designated as default, you must remove the designation from the software package using the UpdatePackage action. @required {packageName: str, versionName: str} @optional {clientToken: str} @endgroup @group policies @endpoint DELETE /policies/{policyName} @desc Deletes the specified policy. A policy cannot be deleted if it has non-default versions or it is attached to any certificate. To delete a policy, use the DeletePolicyVersion action to delete all non-default versions of the policy; use the DetachPolicy action to detach the policy from any certificate; and then use the DeletePolicy action to delete the policy. When a policy is deleted using DeletePolicy, its default version is deleted with it. Because of the distributed nature of Amazon Web Services, it can take up to five minutes after a policy is detached before it's ready to be deleted. Requires permission to access the DeletePolicy action. @required {policyName: str} @endpoint DELETE /policies/{policyName}/version/{policyVersionId} @desc Deletes the specified version of the specified policy. You cannot delete the default version of a policy using this action. To delete the default version of a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions. Requires permission to access the DeletePolicyVersion action. @required {policyName: str, policyVersionId: str} @endgroup @group provisioning-templates @endpoint DELETE /provisioning-templates/{templateName} @desc Deletes a provisioning template. Requires permission to access the DeleteProvisioningTemplate action. @required {templateName: str} @endpoint DELETE /provisioning-templates/{templateName}/versions/{versionId} @desc Deletes a provisioning template version. Requires permission to access the DeleteProvisioningTemplateVersion action. @required {templateName: str, versionId: int} @endgroup @group registrationcode @endpoint DELETE /registrationcode @desc Deletes a CA certificate registration code. Requires permission to access the DeleteRegistrationCode action. @endgroup @group role-aliases @endpoint DELETE /role-aliases/{roleAlias} @desc Deletes a role alias Requires permission to access the DeleteRoleAlias action. @required {roleAlias: str} @endgroup @group audit @endpoint DELETE /audit/scheduledaudits/{scheduledAuditName} @desc Deletes a scheduled audit. Requires permission to access the DeleteScheduledAudit action. @required {scheduledAuditName: str} @endgroup @group security-profiles @endpoint DELETE /security-profiles/{securityProfileName} @desc Deletes a Device Defender security profile. Requires permission to access the DeleteSecurityProfile action. @required {securityProfileName: str} @optional {expectedVersion: int(i64)} @endgroup @group streams @endpoint DELETE /streams/{streamId} @desc Deletes a stream. Requires permission to access the DeleteStream action. @required {streamId: str} @endgroup @group things @endpoint DELETE /things/{thingName} @desc Deletes the specified thing. Returns successfully with no error if the deletion is successful or you specify a thing that doesn't exist. Requires permission to access the DeleteThing action. @required {thingName: str} @optional {expectedVersion: int(i64)} @endgroup @group thing-groups @endpoint DELETE /thing-groups/{thingGroupName} @desc Deletes a thing group. Requires permission to access the DeleteThingGroup action. @required {thingGroupName: str} @optional {expectedVersion: int(i64)} @endgroup @group thing-types @endpoint DELETE /thing-types/{thingTypeName} @desc Deletes the specified thing type. You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType, then remove any associated things by calling UpdateThing to change the thing type on any associated thing, and finally use DeleteThingType to delete the thing type. Requires permission to access the DeleteThingType action. @required {thingTypeName: str} @endgroup @group rules @endpoint DELETE /rules/{ruleName} @desc Deletes the rule. Requires permission to access the DeleteTopicRule action. @required {ruleName: str} @endgroup @group destinations @endpoint DELETE /destinations/{arn+} @desc Deletes a topic rule destination. Requires permission to access the DeleteTopicRuleDestination action. @required {arn: str} @endgroup @group v2LoggingLevel @endpoint DELETE /v2LoggingLevel @desc Deletes a logging level. Requires permission to access the DeleteV2LoggingLevel action. @required {targetType: str, targetName: str} @endgroup @group thing-types @endpoint POST /thing-types/{thingTypeName}/deprecate @desc Deprecates a thing type. You can not associate new things with deprecated thing type. Requires permission to access the DeprecateThingType action. @required {thingTypeName: str} @optional {undoDeprecate: bool} @endgroup @group audit @endpoint GET /audit/configuration @desc Gets information about the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled. Requires permission to access the DescribeAccountAuditConfiguration action. @returns(200) {roleArn: str?, auditNotificationTargetConfigurations: map?, auditCheckConfigurations: map?} @endpoint GET /audit/findings/{findingId} @desc Gets information about a single audit finding. Properties include the reason for noncompliance, the severity of the issue, and the start time when the audit that returned the finding. Requires permission to access the DescribeAuditFinding action. @required {findingId: str} @returns(200) {finding: AuditFinding?{findingId: str?, taskId: str?, checkName: str?, taskStartTime: str(timestamp)?, findingTime: str(timestamp)?, severity: str?, nonCompliantResource: NonCompliantResource?{resourceType: str?, resourceIdentifier: ResourceIdentifier?{deviceCertificateId: str?, caCertificateId: str?, cognitoIdentityPoolId: str?, clientId: str?, policyVersionIdentifier: PolicyVersionIdentifier?, account: str?, iamRoleArn: str?, roleAliasArn: str?, issuerCertificateIdentifier: IssuerCertificateIdentifier?, deviceCertificateArn: str?}, additionalInfo: map?}, relatedResources: [RelatedResource]?, reasonForNonCompliance: str?, reasonForNonComplianceCode: str?, isSuppressed: bool?}} @endpoint GET /audit/mitigationactions/tasks/{taskId} @desc Gets information about an audit mitigation task that is used to apply mitigation actions to a set of audit findings. Properties include the actions being applied, the audit checks to which they're being applied, the task status, and aggregated task statistics. @required {taskId: str} @returns(200) {taskStatus: str?, startTime: str(timestamp)?, endTime: str(timestamp)?, taskStatistics: map?, target: AuditMitigationActionsTaskTarget?{auditTaskId: str?, findingIds: [str]?, auditCheckToReasonCodeFilter: map?}, auditCheckToActionsMapping: map?, actionsDefinition: [MitigationAction]?} @endpoint POST /audit/suppressions/describe @desc Gets information about a Device Defender audit suppression. @required {checkName: str, resourceIdentifier: ResourceIdentifier} @returns(200) {checkName: str?, resourceIdentifier: ResourceIdentifier?{deviceCertificateId: str?, caCertificateId: str?, cognitoIdentityPoolId: str?, clientId: str?, policyVersionIdentifier: PolicyVersionIdentifier?{policyName: str?, policyVersionId: str?}, account: str?, iamRoleArn: str?, roleAliasArn: str?, issuerCertificateIdentifier: IssuerCertificateIdentifier?{issuerCertificateSubject: str?, issuerId: str?, issuerCertificateSerialNumber: str?}, deviceCertificateArn: str?}, expirationDate: str(timestamp)?, suppressIndefinitely: bool?, description: str?} @endpoint GET /audit/tasks/{taskId} @desc Gets information about a Device Defender audit. Requires permission to access the DescribeAuditTask action. @required {taskId: str} @returns(200) {taskStatus: str?, taskType: str?, taskStartTime: str(timestamp)?, taskStatistics: TaskStatistics?{totalChecks: int?, inProgressChecks: int?, waitingForDataCollectionChecks: int?, compliantChecks: int?, nonCompliantChecks: int?, failedChecks: int?, canceledChecks: int?}, scheduledAuditName: str?, auditDetails: map?} @endgroup @group authorizer @endpoint GET /authorizer/{authorizerName} @desc Describes an authorizer. Requires permission to access the DescribeAuthorizer action. @required {authorizerName: str} @returns(200) {authorizerDescription: AuthorizerDescription?{authorizerName: str?, authorizerArn: str?, authorizerFunctionArn: str?, tokenKeyName: str?, tokenSigningPublicKeys: map?, status: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, signingDisabled: bool?, enableCachingForHttp: bool?}} @endgroup @group billing-groups @endpoint GET /billing-groups/{billingGroupName} @desc Returns information about a billing group. Requires permission to access the DescribeBillingGroup action. @required {billingGroupName: str} @returns(200) {billingGroupName: str?, billingGroupId: str?, billingGroupArn: str?, version: int(i64)?, billingGroupProperties: BillingGroupProperties?{billingGroupDescription: str?}, billingGroupMetadata: BillingGroupMetadata?{creationDate: str(timestamp)?}} @endgroup @group cacertificate @endpoint GET /cacertificate/{caCertificateId} @desc Describes a registered CA certificate. Requires permission to access the DescribeCACertificate action. @required {certificateId: str} @returns(200) {certificateDescription: CACertificateDescription?{certificateArn: str?, certificateId: str?, status: str?, certificatePem: str?, ownedBy: str?, creationDate: str(timestamp)?, autoRegistrationStatus: str?, lastModifiedDate: str(timestamp)?, customerVersion: int?, generationId: str?, validity: CertificateValidity?{notBefore: str(timestamp)?, notAfter: str(timestamp)?}, certificateMode: str?}, registrationConfig: RegistrationConfig?{templateBody: str?, roleArn: str?, templateName: str?}} @endgroup @group certificates @endpoint GET /certificates/{certificateId} @desc Gets information about the specified certificate. Requires permission to access the DescribeCertificate action. @required {certificateId: str} @returns(200) {certificateDescription: CertificateDescription?{certificateArn: str?, certificateId: str?, caCertificateId: str?, status: str?, certificatePem: str?, ownedBy: str?, previousOwnedBy: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, customerVersion: int?, transferData: TransferData?{transferMessage: str?, rejectReason: str?, transferDate: str(timestamp)?, acceptDate: str(timestamp)?, rejectDate: str(timestamp)?}, generationId: str?, validity: CertificateValidity?{notBefore: str(timestamp)?, notAfter: str(timestamp)?}, certificateMode: str?}} @endgroup @group certificate-providers @endpoint GET /certificate-providers/{certificateProviderName} @desc Describes a certificate provider. Requires permission to access the DescribeCertificateProvider action. @required {certificateProviderName: str} @returns(200) {certificateProviderName: str?, certificateProviderArn: str?, lambdaFunctionArn: str?, accountDefaultForOperations: [str]?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group custom-metric @endpoint GET /custom-metric/{metricName} @desc Gets information about a Device Defender detect custom metric. Requires permission to access the DescribeCustomMetric action. @required {metricName: str} @returns(200) {metricName: str?, metricArn: str?, metricType: str?, displayName: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group default-authorizer @endpoint GET /default-authorizer @desc Describes the default authorizer. Requires permission to access the DescribeDefaultAuthorizer action. @returns(200) {authorizerDescription: AuthorizerDescription?{authorizerName: str?, authorizerArn: str?, authorizerFunctionArn: str?, tokenKeyName: str?, tokenSigningPublicKeys: map?, status: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, signingDisabled: bool?, enableCachingForHttp: bool?}} @endgroup @group detect @endpoint GET /detect/mitigationactions/tasks/{taskId} @desc Gets information about a Device Defender ML Detect mitigation action. Requires permission to access the DescribeDetectMitigationActionsTask action. @required {taskId: str} @returns(200) {taskSummary: DetectMitigationActionsTaskSummary?{taskId: str?, taskStatus: str?, taskStartTime: str(timestamp)?, taskEndTime: str(timestamp)?, target: DetectMitigationActionsTaskTarget?{violationIds: [str]?, securityProfileName: str?, behaviorName: str?}, violationEventOccurrenceRange: ViolationEventOccurrenceRange?{startTime: str(timestamp), endTime: str(timestamp)}, onlyActiveViolationsIncluded: bool?, suppressedAlertsIncluded: bool?, actionsDefinition: [MitigationAction]?, taskStatistics: DetectMitigationActionsTaskStatistics?{actionsExecuted: int(i64)?, actionsSkipped: int(i64)?, actionsFailed: int(i64)?}}} @endgroup @group dimensions @endpoint GET /dimensions/{name} @desc Provides details about a dimension that is defined in your Amazon Web Services accounts. Requires permission to access the DescribeDimension action. @required {name: str} @returns(200) {name: str?, arn: str?, type: str?, stringValues: [str]?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group domainConfigurations @endpoint GET /domainConfigurations/{domainConfigurationName} @desc Gets summary information about a domain configuration. Requires permission to access the DescribeDomainConfiguration action. @required {domainConfigurationName: str} @returns(200) {domainConfigurationName: str?, domainConfigurationArn: str?, domainName: str?, serverCertificates: [ServerCertificateSummary]?, authorizerConfig: AuthorizerConfig?{defaultAuthorizerName: str?, allowAuthorizerOverride: bool?}, domainConfigurationStatus: str?, serviceType: str?, domainType: str?, lastStatusChangeDate: str(timestamp)?, tlsConfig: TlsConfig?{securityPolicy: str?}, serverCertificateConfig: ServerCertificateConfig?{enableOCSPCheck: bool?}} @endgroup @group endpoint @endpoint GET /endpoint @desc Returns or creates a unique endpoint specific to the Amazon Web Services account making the call. The first time DescribeEndpoint is called, an endpoint is created. All subsequent calls to DescribeEndpoint return the same endpoint. Requires permission to access the DescribeEndpoint action. @optional {endpointType: str} @returns(200) {endpointAddress: str?} @endgroup @group event-configurations @endpoint GET /event-configurations @desc Describes event configurations. Requires permission to access the DescribeEventConfigurations action. @returns(200) {eventConfigurations: map?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group fleet-metric @endpoint GET /fleet-metric/{metricName} @desc Gets information about the specified fleet metric. Requires permission to access the DescribeFleetMetric action. @required {metricName: str} @returns(200) {metricName: str?, queryString: str?, aggregationType: AggregationType?{name: str, values: [str]?}, period: int?, aggregationField: str?, description: str?, queryVersion: str?, indexName: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, unit: str?, version: int(i64)?, metricArn: str?} @endgroup @group indices @endpoint GET /indices/{indexName} @desc Describes a search index. Requires permission to access the DescribeIndex action. @required {indexName: str} @returns(200) {indexName: str?, indexStatus: str?, schema: str?} @endgroup @group jobs @endpoint GET /jobs/{jobId} @desc Describes a job. Requires permission to access the DescribeJob action. @required {jobId: str} @returns(200) {documentSource: str?, job: Job?{jobArn: str?, jobId: str?, targetSelection: str?, status: str?, forceCanceled: bool?, reasonCode: str?, comment: str?, targets: [str]?, description: str?, presignedUrlConfig: PresignedUrlConfig?{roleArn: str?, expiresInSec: int(i64)?}, jobExecutionsRolloutConfig: JobExecutionsRolloutConfig?{maximumPerMinute: int?, exponentialRate: ExponentialRolloutRate?{baseRatePerMinute: int, incrementFactor: num(f64), rateIncreaseCriteria: RateIncreaseCriteria}}, abortConfig: AbortConfig?{criteriaList: [AbortCriteria]}, createdAt: str(timestamp)?, lastUpdatedAt: str(timestamp)?, completedAt: str(timestamp)?, jobProcessDetails: JobProcessDetails?{processingTargets: [str]?, numberOfCanceledThings: int?, numberOfSucceededThings: int?, numberOfFailedThings: int?, numberOfRejectedThings: int?, numberOfQueuedThings: int?, numberOfInProgressThings: int?, numberOfRemovedThings: int?, numberOfTimedOutThings: int?}, timeoutConfig: TimeoutConfig?{inProgressTimeoutInMinutes: int(i64)?}, namespaceId: str?, jobTemplateArn: str?, jobExecutionsRetryConfig: JobExecutionsRetryConfig?{criteriaList: [RetryCriteria]}, documentParameters: map?, isConcurrent: bool?, schedulingConfig: SchedulingConfig?{startTime: str?, endTime: str?, endBehavior: str?, maintenanceWindows: [MaintenanceWindow]?}, scheduledJobRollouts: [ScheduledJobRollout]?, destinationPackageVersions: [str]?}} @endgroup @group things @endpoint GET /things/{thingName}/jobs/{jobId} @desc Describes a job execution. Requires permission to access the DescribeJobExecution action. @required {jobId: str, thingName: str} @optional {executionNumber: int(i64)} @returns(200) {execution: JobExecution?{jobId: str?, status: str?, forceCanceled: bool?, statusDetails: JobExecutionStatusDetails?{detailsMap: map?}, thingArn: str?, queuedAt: str(timestamp)?, startedAt: str(timestamp)?, lastUpdatedAt: str(timestamp)?, executionNumber: int(i64)?, versionNumber: int(i64)?, approximateSecondsBeforeTimedOut: int(i64)?}} @endgroup @group job-templates @endpoint GET /job-templates/{jobTemplateId} @desc Returns information about a job template. @required {jobTemplateId: str} @returns(200) {jobTemplateArn: str?, jobTemplateId: str?, description: str?, documentSource: str?, document: str?, createdAt: str(timestamp)?, presignedUrlConfig: PresignedUrlConfig?{roleArn: str?, expiresInSec: int(i64)?}, jobExecutionsRolloutConfig: JobExecutionsRolloutConfig?{maximumPerMinute: int?, exponentialRate: ExponentialRolloutRate?{baseRatePerMinute: int, incrementFactor: num(f64), rateIncreaseCriteria: RateIncreaseCriteria{numberOfNotifiedThings: int?, numberOfSucceededThings: int?}}}, abortConfig: AbortConfig?{criteriaList: [AbortCriteria]}, timeoutConfig: TimeoutConfig?{inProgressTimeoutInMinutes: int(i64)?}, jobExecutionsRetryConfig: JobExecutionsRetryConfig?{criteriaList: [RetryCriteria]}, maintenanceWindows: [MaintenanceWindow]?, destinationPackageVersions: [str]?} @endgroup @group managed-job-templates @endpoint GET /managed-job-templates/{templateName} @desc View details of a managed job template. @required {templateName: str} @optional {templateVersion: str} @returns(200) {templateName: str?, templateArn: str?, description: str?, templateVersion: str?, environments: [str]?, documentParameters: [DocumentParameter]?, document: str?} @endgroup @group mitigationactions @endpoint GET /mitigationactions/actions/{actionName} @desc Gets information about a mitigation action. Requires permission to access the DescribeMitigationAction action. @required {actionName: str} @returns(200) {actionName: str?, actionType: str?, actionArn: str?, actionId: str?, roleArn: str?, actionParams: MitigationActionParams?{updateDeviceCertificateParams: UpdateDeviceCertificateParams?{action: str}, updateCACertificateParams: UpdateCACertificateParams?{action: str}, addThingsToThingGroupParams: AddThingsToThingGroupParams?{thingGroupNames: [str], overrideDynamicGroups: bool?}, replaceDefaultPolicyVersionParams: ReplaceDefaultPolicyVersionParams?{templateName: str}, enableIoTLoggingParams: EnableIoTLoggingParams?{roleArnForLogging: str, logLevel: str}, publishFindingToSnsParams: PublishFindingToSnsParams?{topicArn: str}}, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group provisioning-templates @endpoint GET /provisioning-templates/{templateName} @desc Returns information about a provisioning template. Requires permission to access the DescribeProvisioningTemplate action. @required {templateName: str} @returns(200) {templateArn: str?, templateName: str?, description: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, defaultVersionId: int?, templateBody: str?, enabled: bool?, provisioningRoleArn: str?, preProvisioningHook: ProvisioningHook?{payloadVersion: str?, targetArn: str}, type: str?} @endpoint GET /provisioning-templates/{templateName}/versions/{versionId} @desc Returns information about a provisioning template version. Requires permission to access the DescribeProvisioningTemplateVersion action. @required {templateName: str, versionId: int} @returns(200) {versionId: int?, creationDate: str(timestamp)?, templateBody: str?, isDefaultVersion: bool?} @endgroup @group role-aliases @endpoint GET /role-aliases/{roleAlias} @desc Describes a role alias. Requires permission to access the DescribeRoleAlias action. @required {roleAlias: str} @returns(200) {roleAliasDescription: RoleAliasDescription?{roleAlias: str?, roleAliasArn: str?, roleArn: str?, owner: str?, credentialDurationSeconds: int?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?}} @endgroup @group audit @endpoint GET /audit/scheduledaudits/{scheduledAuditName} @desc Gets information about a scheduled audit. Requires permission to access the DescribeScheduledAudit action. @required {scheduledAuditName: str} @returns(200) {frequency: str?, dayOfMonth: str?, dayOfWeek: str?, targetCheckNames: [str]?, scheduledAuditName: str?, scheduledAuditArn: str?} @endgroup @group security-profiles @endpoint GET /security-profiles/{securityProfileName} @desc Gets information about a Device Defender security profile. Requires permission to access the DescribeSecurityProfile action. @required {securityProfileName: str} @returns(200) {securityProfileName: str?, securityProfileArn: str?, securityProfileDescription: str?, behaviors: [Behavior]?, alertTargets: map?, additionalMetricsToRetain: [str]?, additionalMetricsToRetainV2: [MetricToRetain]?, version: int(i64)?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, metricsExportConfig: MetricsExportConfig?{mqttTopic: str, roleArn: str}} @endgroup @group streams @endpoint GET /streams/{streamId} @desc Gets information about a stream. Requires permission to access the DescribeStream action. @required {streamId: str} @returns(200) {streamInfo: StreamInfo?{streamId: str?, streamArn: str?, streamVersion: int?, description: str?, files: [StreamFile]?, createdAt: str(timestamp)?, lastUpdatedAt: str(timestamp)?, roleArn: str?}} @endgroup @group things @endpoint GET /things/{thingName} @desc Gets information about the specified thing. Requires permission to access the DescribeThing action. @required {thingName: str} @returns(200) {defaultClientId: str?, thingName: str?, thingId: str?, thingArn: str?, thingTypeName: str?, attributes: map?, version: int(i64)?, billingGroupName: str?} @endgroup @group thing-groups @endpoint GET /thing-groups/{thingGroupName} @desc Describe a thing group. Requires permission to access the DescribeThingGroup action. @required {thingGroupName: str} @returns(200) {thingGroupName: str?, thingGroupId: str?, thingGroupArn: str?, version: int(i64)?, thingGroupProperties: ThingGroupProperties?{thingGroupDescription: str?, attributePayload: AttributePayload?{attributes: map?, merge: bool?}}, thingGroupMetadata: ThingGroupMetadata?{parentGroupName: str?, rootToParentThingGroups: [GroupNameAndArn]?, creationDate: str(timestamp)?}, indexName: str?, queryString: str?, queryVersion: str?, status: str?} @endgroup @group thing-registration-tasks @endpoint GET /thing-registration-tasks/{taskId} @desc Describes a bulk thing provisioning task. Requires permission to access the DescribeThingRegistrationTask action. @required {taskId: str} @returns(200) {taskId: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, templateBody: str?, inputFileBucket: str?, inputFileKey: str?, roleArn: str?, status: str?, message: str?, successCount: int?, failureCount: int?, percentageProgress: int?} @endgroup @group thing-types @endpoint GET /thing-types/{thingTypeName} @desc Gets information about the specified thing type. Requires permission to access the DescribeThingType action. @required {thingTypeName: str} @returns(200) {thingTypeName: str?, thingTypeId: str?, thingTypeArn: str?, thingTypeProperties: ThingTypeProperties?{thingTypeDescription: str?, searchableAttributes: [str]?}, thingTypeMetadata: ThingTypeMetadata?{deprecated: bool?, deprecationDate: str(timestamp)?, creationDate: str(timestamp)?}} @endgroup @group target-policies @endpoint POST /target-policies/{policyName} @desc Detaches a policy from the specified target. Because of the distributed nature of Amazon Web Services, it can take up to five minutes after a policy is detached before it's ready to be deleted. Requires permission to access the DetachPolicy action. @required {policyName: str, target: str} @endgroup @group principal-policies @endpoint DELETE /principal-policies/{policyName} @desc Removes the specified policy from the specified certificate. Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use DetachPolicy instead. Requires permission to access the DetachPrincipalPolicy action. @required {policyName: str, x-amzn-iot-principal: str} @endgroup @group security-profiles @endpoint DELETE /security-profiles/{securityProfileName}/targets @desc Disassociates a Device Defender security profile from a thing group or from this account. Requires permission to access the DetachSecurityProfile action. @required {securityProfileName: str, securityProfileTargetArn: str} @endgroup @group things @endpoint DELETE /things/{thingName}/principals @desc Detaches the specified principal from the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities. This call is asynchronous. It might take several seconds for the detachment to propagate. Requires permission to access the DetachThingPrincipal action. @required {thingName: str, x-amzn-principal: str} @endgroup @group rules @endpoint POST /rules/{ruleName}/disable @desc Disables the rule. Requires permission to access the DisableTopicRule action. @required {ruleName: str} @endpoint POST /rules/{ruleName}/enable @desc Enables the rule. Requires permission to access the EnableTopicRule action. @required {ruleName: str} @endgroup @group behavior-model-training @endpoint GET /behavior-model-training/summaries @desc Returns a Device Defender's ML Detect Security Profile training model's status. Requires permission to access the GetBehaviorModelTrainingSummaries action. @optional {securityProfileName: str, maxResults: int, nextToken: str} @returns(200) {summaries: [BehaviorModelTrainingSummary]?, nextToken: str?} @endgroup @group indices @endpoint POST /indices/buckets @desc Aggregates on indexed data with search queries pertaining to particular fields. Requires permission to access the GetBucketsAggregation action. @required {queryString: str, aggregationField: str, bucketsAggregationType: BucketsAggregationType} @optional {indexName: str, queryVersion: str} @returns(200) {totalCount: int?, buckets: [Bucket]?} @endpoint POST /indices/cardinality @desc Returns the approximate count of unique values that match the query. Requires permission to access the GetCardinality action. @required {queryString: str} @optional {indexName: str, aggregationField: str, queryVersion: str} @returns(200) {cardinality: int?} @endgroup @group effective-policies @endpoint POST /effective-policies @desc Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the IoT device gateway. Requires permission to access the GetEffectivePolicies action. @optional {thingName: str, principal: str, cognitoIdentityPoolId: str} @returns(200) {effectivePolicies: [EffectivePolicy]?} @endgroup @group indexing @endpoint GET /indexing/config @desc Gets the indexing configuration. Requires permission to access the GetIndexingConfiguration action. @returns(200) {thingIndexingConfiguration: ThingIndexingConfiguration?{thingIndexingMode: str, thingConnectivityIndexingMode: str?, deviceDefenderIndexingMode: str?, namedShadowIndexingMode: str?, managedFields: [Field]?, customFields: [Field]?, filter: IndexingFilter?{namedShadowNames: [str]?, geoLocations: [GeoLocationTarget]?}}, thingGroupIndexingConfiguration: ThingGroupIndexingConfiguration?{thingGroupIndexingMode: str, managedFields: [Field]?, customFields: [Field]?}} @endgroup @group jobs @endpoint GET /jobs/{jobId}/job-document @desc Gets a job document. Requires permission to access the GetJobDocument action. @required {jobId: str} @returns(200) {document: str?} @endgroup @group loggingOptions @endpoint GET /loggingOptions @desc Gets the logging options. NOTE: use of this command is not recommended. Use GetV2LoggingOptions instead. Requires permission to access the GetLoggingOptions action. @returns(200) {roleArn: str?, logLevel: str?} @endgroup @group otaUpdates @endpoint GET /otaUpdates/{otaUpdateId} @desc Gets an OTA update. Requires permission to access the GetOTAUpdate action. @required {otaUpdateId: str} @returns(200) {otaUpdateInfo: OTAUpdateInfo?{otaUpdateId: str?, otaUpdateArn: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, description: str?, targets: [str]?, protocols: [str]?, awsJobExecutionsRolloutConfig: AwsJobExecutionsRolloutConfig?{maximumPerMinute: int?, exponentialRate: AwsJobExponentialRolloutRate?{baseRatePerMinute: int, incrementFactor: num(f64), rateIncreaseCriteria: AwsJobRateIncreaseCriteria}}, awsJobPresignedUrlConfig: AwsJobPresignedUrlConfig?{expiresInSec: int(i64)?}, targetSelection: str?, otaUpdateFiles: [OTAUpdateFile]?, otaUpdateStatus: str?, awsIotJobId: str?, awsIotJobArn: str?, errorInfo: ErrorInfo?{code: str?, message: str?}, additionalParameters: map?}} @endgroup @group packages @endpoint GET /packages/{packageName} @desc Gets information about the specified software package. Requires permission to access the GetPackage action. @required {packageName: str} @returns(200) {packageName: str?, packageArn: str?, description: str?, defaultVersionName: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group package-configuration @endpoint GET /package-configuration @desc Gets information about the specified software package's configuration. Requires permission to access the GetPackageConfiguration action. @returns(200) {versionUpdateByJobsConfig: VersionUpdateByJobsConfig?{enabled: bool?, roleArn: str?}} @endgroup @group packages @endpoint GET /packages/{packageName}/versions/{versionName} @desc Gets information about the specified package version. Requires permission to access the GetPackageVersion action. @required {packageName: str, versionName: str} @returns(200) {packageVersionArn: str?, packageName: str?, versionName: str?, description: str?, attributes: map?, status: str?, errorReason: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group indices @endpoint POST /indices/percentiles @desc Groups the aggregated values that match the query into percentile groupings. The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group "1" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group "5" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values. Requires permission to access the GetPercentiles action. @required {queryString: str} @optional {indexName: str, aggregationField: str, queryVersion: str, percents: [num(f64)]} @returns(200) {percentiles: [PercentPair]?} @endgroup @group policies @endpoint GET /policies/{policyName} @desc Gets information about the specified policy with the policy document of the default version. Requires permission to access the GetPolicy action. @required {policyName: str} @returns(200) {policyName: str?, policyArn: str?, policyDocument: str?, defaultVersionId: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, generationId: str?} @endpoint GET /policies/{policyName}/version/{policyVersionId} @desc Gets information about the specified policy version. Requires permission to access the GetPolicyVersion action. @required {policyName: str, policyVersionId: str} @returns(200) {policyArn: str?, policyName: str?, policyDocument: str?, policyVersionId: str?, isDefaultVersion: bool?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, generationId: str?} @endgroup @group registrationcode @endpoint GET /registrationcode @desc Gets a registration code used to register a CA certificate with IoT. IoT will create a registration code as part of this API call if the registration code doesn't exist or has been deleted. If you already have a registration code, this API call will return the same registration code. Requires permission to access the GetRegistrationCode action. @returns(200) {registrationCode: str?} @endgroup @group indices @endpoint POST /indices/statistics @desc Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field. If the aggregation field is of type String, only the count statistic is returned. Requires permission to access the GetStatistics action. @required {queryString: str} @optional {indexName: str, aggregationField: str, queryVersion: str} @returns(200) {statistics: Statistics?{count: int?, average: num(f64)?, sum: num(f64)?, minimum: num(f64)?, maximum: num(f64)?, sumOfSquares: num(f64)?, variance: num(f64)?, stdDeviation: num(f64)?}} @endgroup @group rules @endpoint GET /rules/{ruleName} @desc Gets information about the rule. Requires permission to access the GetTopicRule action. @required {ruleName: str} @returns(200) {ruleArn: str?, rule: TopicRule?{ruleName: str?, sql: str?, description: str?, createdAt: str(timestamp)?, actions: [Action]?, ruleDisabled: bool?, awsIotSqlVersion: str?, errorAction: Action?{dynamoDB: DynamoDBAction?{tableName: str, roleArn: str, operation: str?, hashKeyField: str, hashKeyValue: str, hashKeyType: str?, rangeKeyField: str?, rangeKeyValue: str?, rangeKeyType: str?, payloadField: str?}, dynamoDBv2: DynamoDBv2Action?{roleArn: str, putItem: PutItemInput}, lambda: LambdaAction?{functionArn: str}, sns: SnsAction?{targetArn: str, roleArn: str, messageFormat: str?}, sqs: SqsAction?{roleArn: str, queueUrl: str, useBase64: bool?}, kinesis: KinesisAction?{roleArn: str, streamName: str, partitionKey: str?}, republish: RepublishAction?{roleArn: str, topic: str, qos: int?, headers: MqttHeaders?}, s3: S3Action?{roleArn: str, bucketName: str, key: str, cannedAcl: str?}, firehose: FirehoseAction?{roleArn: str, deliveryStreamName: str, separator: str?, batchMode: bool?}, cloudwatchMetric: CloudwatchMetricAction?{roleArn: str, metricNamespace: str, metricName: str, metricValue: str, metricUnit: str, metricTimestamp: str?}, cloudwatchAlarm: CloudwatchAlarmAction?{roleArn: str, alarmName: str, stateReason: str, stateValue: str}, cloudwatchLogs: CloudwatchLogsAction?{roleArn: str, logGroupName: str, batchMode: bool?}, elasticsearch: ElasticsearchAction?{roleArn: str, endpoint: str, index: str, type: str, id: str}, salesforce: SalesforceAction?{token: str, url: str}, iotAnalytics: IotAnalyticsAction?{channelArn: str?, channelName: str?, batchMode: bool?, roleArn: str?}, iotEvents: IotEventsAction?{inputName: str, messageId: str?, batchMode: bool?, roleArn: str}, iotSiteWise: IotSiteWiseAction?{putAssetPropertyValueEntries: [PutAssetPropertyValueEntry], roleArn: str}, stepFunctions: StepFunctionsAction?{executionNamePrefix: str?, stateMachineName: str, roleArn: str}, timestream: TimestreamAction?{roleArn: str, databaseName: str, tableName: str, dimensions: [TimestreamDimension], timestamp: TimestreamTimestamp?}, http: HttpAction?{url: str, confirmationUrl: str?, headers: [HttpActionHeader]?, auth: HttpAuthorization?}, kafka: KafkaAction?{destinationArn: str, topic: str, key: str?, partition: str?, clientProperties: map, headers: [KafkaActionHeader]?}, openSearch: OpenSearchAction?{roleArn: str, endpoint: str, index: str, type: str, id: str}, location: LocationAction?{roleArn: str, trackerName: str, deviceId: str, timestamp: LocationTimestamp?, latitude: str, longitude: str}}}} @endgroup @group destinations @endpoint GET /destinations/{arn+} @desc Gets information about a topic rule destination. Requires permission to access the GetTopicRuleDestination action. @required {arn: str} @returns(200) {topicRuleDestination: TopicRuleDestination?{arn: str?, status: str?, createdAt: str(timestamp)?, lastUpdatedAt: str(timestamp)?, statusReason: str?, httpUrlProperties: HttpUrlDestinationProperties?{confirmationUrl: str?}, vpcProperties: VpcDestinationProperties?{subnetIds: [str]?, securityGroups: [str]?, vpcId: str?, roleArn: str?}}} @endgroup @group v2LoggingOptions @endpoint GET /v2LoggingOptions @desc Gets the fine grained logging options. Requires permission to access the GetV2LoggingOptions action. @returns(200) {roleArn: str?, defaultLogLevel: str?, disableAllLogs: bool?} @endgroup @group active-violations @endpoint GET /active-violations @desc Lists the active violations for a given Device Defender security profile. Requires permission to access the ListActiveViolations action. @optional {thingName: str, securityProfileName: str, behaviorCriteriaType: str, listSuppressedAlerts: bool, verificationState: str, nextToken: str, maxResults: int} @returns(200) {activeViolations: [ActiveViolation]?, nextToken: str?} @endgroup @group attached-policies @endpoint POST /attached-policies/{target} @desc Lists the policies attached to the specified thing group. Requires permission to access the ListAttachedPolicies action. @required {target: str} @optional {recursive: bool, marker: str, pageSize: int} @returns(200) {policies: [Policy]?, nextMarker: str?} @endgroup @group audit @endpoint POST /audit/findings @desc Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.) Requires permission to access the ListAuditFindings action. @optional {taskId: str, checkName: str, resourceIdentifier: ResourceIdentifier, maxResults: int, nextToken: str, startTime: str(timestamp), endTime: str(timestamp), listSuppressedFindings: bool} @returns(200) {findings: [AuditFinding]?, nextToken: str?} @endpoint GET /audit/mitigationactions/executions @desc Gets the status of audit mitigation action tasks that were executed. Requires permission to access the ListAuditMitigationActionsExecutions action. @required {taskId: str, findingId: str} @optional {actionStatus: str, maxResults: int, nextToken: str} @returns(200) {actionsExecutions: [AuditMitigationActionExecutionMetadata]?, nextToken: str?} @endpoint GET /audit/mitigationactions/tasks @desc Gets a list of audit mitigation action tasks that match the specified filters. Requires permission to access the ListAuditMitigationActionsTasks action. @required {startTime: str(timestamp), endTime: str(timestamp)} @optional {auditTaskId: str, findingId: str, taskStatus: str, maxResults: int, nextToken: str} @returns(200) {tasks: [AuditMitigationActionsTaskMetadata]?, nextToken: str?} @endpoint POST /audit/suppressions/list @desc Lists your Device Defender audit listings. Requires permission to access the ListAuditSuppressions action. @optional {checkName: str, resourceIdentifier: ResourceIdentifier, ascendingOrder: bool, nextToken: str, maxResults: int} @returns(200) {suppressions: [AuditSuppression]?, nextToken: str?} @endpoint GET /audit/tasks @desc Lists the Device Defender audits that have been performed during a given time period. Requires permission to access the ListAuditTasks action. @required {startTime: str(timestamp), endTime: str(timestamp)} @optional {taskType: str, taskStatus: str, nextToken: str, maxResults: int} @returns(200) {tasks: [AuditTaskMetadata]?, nextToken: str?} @endgroup @group authorizers @endpoint GET /authorizers/ @desc Lists the authorizers registered in your account. Requires permission to access the ListAuthorizers action. @optional {pageSize: int, marker: str, isAscendingOrder: bool, status: str} @returns(200) {authorizers: [AuthorizerSummary]?, nextMarker: str?} @endgroup @group billing-groups @endpoint GET /billing-groups @desc Lists the billing groups you have created. Requires permission to access the ListBillingGroups action. @optional {nextToken: str, maxResults: int, namePrefixFilter: str} @returns(200) {billingGroups: [GroupNameAndArn]?, nextToken: str?} @endgroup @group cacertificates @endpoint GET /cacertificates @desc Lists the CA certificates registered for your Amazon Web Services account. The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results. Requires permission to access the ListCACertificates action. @optional {pageSize: int, marker: str, isAscendingOrder: bool, templateName: str} @returns(200) {certificates: [CACertificate]?, nextMarker: str?} @endgroup @group certificate-providers @endpoint GET /certificate-providers/ @desc Lists all your certificate providers in your Amazon Web Services account. Requires permission to access the ListCertificateProviders action. @optional {nextToken: str, isAscendingOrder: bool} @returns(200) {certificateProviders: [CertificateProviderSummary]?, nextToken: str?} @endgroup @group certificates @endpoint GET /certificates @desc Lists the certificates registered in your Amazon Web Services account. The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results. Requires permission to access the ListCertificates action. @optional {pageSize: int, marker: str, isAscendingOrder: bool} @returns(200) {certificates: [Certificate]?, nextMarker: str?} @endgroup @group certificates-by-ca @endpoint GET /certificates-by-ca/{caCertificateId} @desc List the device certificates signed by the specified CA certificate. Requires permission to access the ListCertificatesByCA action. @required {caCertificateId: str} @optional {pageSize: int, marker: str, isAscendingOrder: bool} @returns(200) {certificates: [Certificate]?, nextMarker: str?} @endgroup @group custom-metrics @endpoint GET /custom-metrics @desc Lists your Device Defender detect custom metrics. Requires permission to access the ListCustomMetrics action. @optional {nextToken: str, maxResults: int} @returns(200) {metricNames: [str]?, nextToken: str?} @endgroup @group detect @endpoint GET /detect/mitigationactions/executions @desc Lists mitigation actions executions for a Device Defender ML Detect Security Profile. Requires permission to access the ListDetectMitigationActionsExecutions action. @optional {taskId: str, violationId: str, thingName: str, startTime: str(timestamp), endTime: str(timestamp), maxResults: int, nextToken: str} @returns(200) {actionsExecutions: [DetectMitigationActionExecution]?, nextToken: str?} @endpoint GET /detect/mitigationactions/tasks @desc List of Device Defender ML Detect mitigation actions tasks. Requires permission to access the ListDetectMitigationActionsTasks action. @required {startTime: str(timestamp), endTime: str(timestamp)} @optional {maxResults: int, nextToken: str} @returns(200) {tasks: [DetectMitigationActionsTaskSummary]?, nextToken: str?} @endgroup @group dimensions @endpoint GET /dimensions @desc List the set of dimensions that are defined for your Amazon Web Services accounts. Requires permission to access the ListDimensions action. @optional {nextToken: str, maxResults: int} @returns(200) {dimensionNames: [str]?, nextToken: str?} @endgroup @group domainConfigurations @endpoint GET /domainConfigurations @desc Gets a list of domain configurations for the user. This list is sorted alphabetically by domain configuration name. Requires permission to access the ListDomainConfigurations action. @optional {marker: str, pageSize: int, serviceType: str} @returns(200) {domainConfigurations: [DomainConfigurationSummary]?, nextMarker: str?} @endgroup @group fleet-metrics @endpoint GET /fleet-metrics @desc Lists all your fleet metrics. Requires permission to access the ListFleetMetrics action. @optional {nextToken: str, maxResults: int} @returns(200) {fleetMetrics: [FleetMetricNameAndArn]?, nextToken: str?} @endgroup @group indices @endpoint GET /indices @desc Lists the search indices. Requires permission to access the ListIndices action. @optional {nextToken: str, maxResults: int} @returns(200) {indexNames: [str]?, nextToken: str?} @endgroup @group jobs @endpoint GET /jobs/{jobId}/things @desc Lists the job executions for a job. Requires permission to access the ListJobExecutionsForJob action. @required {jobId: str} @optional {status: str, maxResults: int, nextToken: str} @returns(200) {executionSummaries: [JobExecutionSummaryForJob]?, nextToken: str?} @endgroup @group things @endpoint GET /things/{thingName}/jobs @desc Lists the job executions for the specified thing. Requires permission to access the ListJobExecutionsForThing action. @required {thingName: str} @optional {status: str, namespaceId: str, maxResults: int, nextToken: str, jobId: str} @returns(200) {executionSummaries: [JobExecutionSummaryForThing]?, nextToken: str?} @endgroup @group job-templates @endpoint GET /job-templates @desc Returns a list of job templates. Requires permission to access the ListJobTemplates action. @optional {maxResults: int, nextToken: str} @returns(200) {jobTemplates: [JobTemplateSummary]?, nextToken: str?} @endgroup @group jobs @endpoint GET /jobs @desc Lists jobs. Requires permission to access the ListJobs action. @optional {status: str, targetSelection: str, maxResults: int, nextToken: str, thingGroupName: str, thingGroupId: str, namespaceId: str} @returns(200) {jobs: [JobSummary]?, nextToken: str?} @endgroup @group managed-job-templates @endpoint GET /managed-job-templates @desc Returns a list of managed job templates. @optional {templateName: str, maxResults: int, nextToken: str} @returns(200) {managedJobTemplates: [ManagedJobTemplateSummary]?, nextToken: str?} @endgroup @group metric-values @endpoint GET /metric-values @desc Lists the values reported for an IoT Device Defender metric (device-side metric, cloud-side metric, or custom metric) by the given thing during the specified time period. @required {thingName: str, metricName: str, startTime: str(timestamp), endTime: str(timestamp)} @optional {dimensionName: str, dimensionValueOperator: str, maxResults: int, nextToken: str} @returns(200) {metricDatumList: [MetricDatum]?, nextToken: str?} @endgroup @group mitigationactions @endpoint GET /mitigationactions/actions @desc Gets a list of all mitigation actions that match the specified filter criteria. Requires permission to access the ListMitigationActions action. @optional {actionType: str, maxResults: int, nextToken: str} @returns(200) {actionIdentifiers: [MitigationActionIdentifier]?, nextToken: str?} @endgroup @group otaUpdates @endpoint GET /otaUpdates @desc Lists OTA updates. Requires permission to access the ListOTAUpdates action. @optional {maxResults: int, nextToken: str, otaUpdateStatus: str} @returns(200) {otaUpdates: [OTAUpdateSummary]?, nextToken: str?} @endgroup @group certificates-out-going @endpoint GET /certificates-out-going @desc Lists certificates that are being transferred but not yet accepted. Requires permission to access the ListOutgoingCertificates action. @optional {pageSize: int, marker: str, isAscendingOrder: bool} @returns(200) {outgoingCertificates: [OutgoingCertificate]?, nextMarker: str?} @endgroup @group packages @endpoint GET /packages/{packageName}/versions @desc Lists the software package versions associated to the account. Requires permission to access the ListPackageVersions action. @required {packageName: str} @optional {status: str, maxResults: int, nextToken: str} @returns(200) {packageVersionSummaries: [PackageVersionSummary]?, nextToken: str?} @endpoint GET /packages @desc Lists the software packages associated to the account. Requires permission to access the ListPackages action. @optional {maxResults: int, nextToken: str} @returns(200) {packageSummaries: [PackageSummary]?, nextToken: str?} @endgroup @group policies @endpoint GET /policies @desc Lists your policies. Requires permission to access the ListPolicies action. @optional {marker: str, pageSize: int, isAscendingOrder: bool} @returns(200) {policies: [Policy]?, nextMarker: str?} @endgroup @group policy-principals @endpoint GET /policy-principals @desc Lists the principals associated with the specified policy. Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use ListTargetsForPolicy instead. Requires permission to access the ListPolicyPrincipals action. @required {x-amzn-iot-policy: str} @optional {marker: str, pageSize: int, isAscendingOrder: bool} @returns(200) {principals: [str]?, nextMarker: str?} @endgroup @group policies @endpoint GET /policies/{policyName}/version @desc Lists the versions of the specified policy and identifies the default version. Requires permission to access the ListPolicyVersions action. @required {policyName: str} @returns(200) {policyVersions: [PolicyVersion]?} @endgroup @group principal-policies @endpoint GET /principal-policies @desc Lists the policies attached to the specified principal. If you use an Cognito identity, the ID must be in AmazonCognito Identity format. Note: This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use ListAttachedPolicies instead. Requires permission to access the ListPrincipalPolicies action. @required {x-amzn-iot-principal: str} @optional {marker: str, pageSize: int, isAscendingOrder: bool} @returns(200) {policies: [Policy]?, nextMarker: str?} @endgroup @group principals @endpoint GET /principals/things @desc Lists the things associated with the specified principal. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities. Requires permission to access the ListPrincipalThings action. @required {x-amzn-principal: str} @optional {nextToken: str, maxResults: int} @returns(200) {things: [str]?, nextToken: str?} @endgroup @group provisioning-templates @endpoint GET /provisioning-templates/{templateName}/versions @desc A list of provisioning template versions. Requires permission to access the ListProvisioningTemplateVersions action. @required {templateName: str} @optional {maxResults: int, nextToken: str} @returns(200) {versions: [ProvisioningTemplateVersionSummary]?, nextToken: str?} @endpoint GET /provisioning-templates @desc Lists the provisioning templates in your Amazon Web Services account. Requires permission to access the ListProvisioningTemplates action. @optional {maxResults: int, nextToken: str} @returns(200) {templates: [ProvisioningTemplateSummary]?, nextToken: str?} @endgroup @group audit @endpoint GET /audit/relatedResources @desc The related resources of an Audit finding. The following resources can be returned from calling this API: DEVICE_CERTIFICATE CA_CERTIFICATE IOT_POLICY COGNITO_IDENTITY_POOL CLIENT_ID ACCOUNT_SETTINGS ROLE_ALIAS IAM_ROLE ISSUER_CERTIFICATE This API is similar to DescribeAuditFinding's RelatedResources but provides pagination and is not limited to 10 resources. When calling DescribeAuditFinding for the intermediate CA revoked for active device certificates check, RelatedResources will not be populated. You must use this API, ListRelatedResourcesForAuditFinding, to list the certificates. @required {findingId: str} @optional {nextToken: str, maxResults: int} @returns(200) {relatedResources: [RelatedResource]?, nextToken: str?} @endgroup @group role-aliases @endpoint GET /role-aliases @desc Lists the role aliases registered in your account. Requires permission to access the ListRoleAliases action. @optional {pageSize: int, marker: str, isAscendingOrder: bool} @returns(200) {roleAliases: [str]?, nextMarker: str?} @endgroup @group audit @endpoint GET /audit/scheduledaudits @desc Lists all of your scheduled audits. Requires permission to access the ListScheduledAudits action. @optional {nextToken: str, maxResults: int} @returns(200) {scheduledAudits: [ScheduledAuditMetadata]?, nextToken: str?} @endgroup @group security-profiles @endpoint GET /security-profiles @desc Lists the Device Defender security profiles you've created. You can filter security profiles by dimension or custom metric. Requires permission to access the ListSecurityProfiles action. dimensionName and metricName cannot be used in the same request. @optional {nextToken: str, maxResults: int, dimensionName: str, metricName: str} @returns(200) {securityProfileIdentifiers: [SecurityProfileIdentifier]?, nextToken: str?} @endgroup @group security-profiles-for-target @endpoint GET /security-profiles-for-target @desc Lists the Device Defender security profiles attached to a target (thing group). Requires permission to access the ListSecurityProfilesForTarget action. @required {securityProfileTargetArn: str} @optional {nextToken: str, maxResults: int, recursive: bool} @returns(200) {securityProfileTargetMappings: [SecurityProfileTargetMapping]?, nextToken: str?} @endgroup @group streams @endpoint GET /streams @desc Lists all of the streams in your Amazon Web Services account. Requires permission to access the ListStreams action. @optional {maxResults: int, nextToken: str, isAscendingOrder: bool} @returns(200) {streams: [StreamSummary]?, nextToken: str?} @endgroup @group tags @endpoint GET /tags @desc Lists the tags (metadata) you have assigned to the resource. Requires permission to access the ListTagsForResource action. @required {resourceArn: str} @optional {nextToken: str} @returns(200) {tags: [Tag]?, nextToken: str?} @endgroup @group policy-targets @endpoint POST /policy-targets/{policyName} @desc List targets for the specified policy. Requires permission to access the ListTargetsForPolicy action. @required {policyName: str} @optional {marker: str, pageSize: int} @returns(200) {targets: [str]?, nextMarker: str?} @endgroup @group security-profiles @endpoint GET /security-profiles/{securityProfileName}/targets @desc Lists the targets (thing groups) associated with a given Device Defender security profile. Requires permission to access the ListTargetsForSecurityProfile action. @required {securityProfileName: str} @optional {nextToken: str, maxResults: int} @returns(200) {securityProfileTargets: [SecurityProfileTarget]?, nextToken: str?} @endgroup @group thing-groups @endpoint GET /thing-groups @desc List the thing groups in your account. Requires permission to access the ListThingGroups action. @optional {nextToken: str, maxResults: int, parentGroup: str, namePrefixFilter: str, recursive: bool} @returns(200) {thingGroups: [GroupNameAndArn]?, nextToken: str?} @endgroup @group things @endpoint GET /things/{thingName}/thing-groups @desc List the thing groups to which the specified thing belongs. Requires permission to access the ListThingGroupsForThing action. @required {thingName: str} @optional {nextToken: str, maxResults: int} @returns(200) {thingGroups: [GroupNameAndArn]?, nextToken: str?} @endpoint GET /things/{thingName}/principals @desc Lists the principals associated with the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities. Requires permission to access the ListThingPrincipals action. @required {thingName: str} @optional {nextToken: str, maxResults: int} @returns(200) {principals: [str]?, nextToken: str?} @endgroup @group thing-registration-tasks @endpoint GET /thing-registration-tasks/{taskId}/reports @desc Information about the thing registration tasks. @required {taskId: str, reportType: str} @optional {nextToken: str, maxResults: int} @returns(200) {resourceLinks: [str]?, reportType: str?, nextToken: str?} @endpoint GET /thing-registration-tasks @desc List bulk thing provisioning tasks. Requires permission to access the ListThingRegistrationTasks action. @optional {nextToken: str, maxResults: int, status: str} @returns(200) {taskIds: [str]?, nextToken: str?} @endgroup @group thing-types @endpoint GET /thing-types @desc Lists the existing thing types. Requires permission to access the ListThingTypes action. @optional {nextToken: str, maxResults: int, thingTypeName: str} @returns(200) {thingTypes: [ThingTypeDefinition]?, nextToken: str?} @endgroup @group things @endpoint GET /things @desc Lists your things. Use the attributeName and attributeValue parameters to filter your things. For example, calling ListThings with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute Color with the value Red. For more information, see List Things from the Amazon Web Services IoT Core Developer Guide. Requires permission to access the ListThings action. You will not be charged for calling this API if an Access denied error is returned. You will also not be charged if no attributes or pagination token was provided in request and no pagination token and no results were returned. @optional {nextToken: str, maxResults: int, attributeName: str, attributeValue: str, thingTypeName: str, usePrefixAttributeValue: bool} @returns(200) {things: [ThingAttribute]?, nextToken: str?} @endgroup @group billing-groups @endpoint GET /billing-groups/{billingGroupName}/things @desc Lists the things you have added to the given billing group. Requires permission to access the ListThingsInBillingGroup action. @required {billingGroupName: str} @optional {nextToken: str, maxResults: int} @returns(200) {things: [str]?, nextToken: str?} @endgroup @group thing-groups @endpoint GET /thing-groups/{thingGroupName}/things @desc Lists the things in the specified group. Requires permission to access the ListThingsInThingGroup action. @required {thingGroupName: str} @optional {recursive: bool, nextToken: str, maxResults: int} @returns(200) {things: [str]?, nextToken: str?} @endgroup @group destinations @endpoint GET /destinations @desc Lists all the topic rule destinations in your Amazon Web Services account. Requires permission to access the ListTopicRuleDestinations action. @optional {maxResults: int, nextToken: str} @returns(200) {destinationSummaries: [TopicRuleDestinationSummary]?, nextToken: str?} @endgroup @group rules @endpoint GET /rules @desc Lists the rules for the specific topic. Requires permission to access the ListTopicRules action. @optional {topic: str, maxResults: int, nextToken: str, ruleDisabled: bool} @returns(200) {rules: [TopicRuleListItem]?, nextToken: str?} @endgroup @group v2LoggingLevel @endpoint GET /v2LoggingLevel @desc Lists logging levels. Requires permission to access the ListV2LoggingLevels action. @optional {targetType: str, nextToken: str, maxResults: int} @returns(200) {logTargetConfigurations: [LogTargetConfiguration]?, nextToken: str?} @endgroup @group violation-events @endpoint GET /violation-events @desc Lists the Device Defender security profile violations discovered during the given time period. You can use filters to limit the results to those alerts issued for a particular security profile, behavior, or thing (device). Requires permission to access the ListViolationEvents action. @required {startTime: str(timestamp), endTime: str(timestamp)} @optional {thingName: str, securityProfileName: str, behaviorCriteriaType: str, listSuppressedAlerts: bool, verificationState: str, nextToken: str, maxResults: int} @returns(200) {violationEvents: [ViolationEvent]?, nextToken: str?} @endgroup @group violations @endpoint POST /violations/verification-state/{violationId} @desc Set a verification state and provide a description of that verification state on a violation (detect alarm). @required {violationId: str, verificationState: str} @optional {verificationStateDescription: str} @endgroup @group cacertificate @endpoint POST /cacertificate @desc Registers a CA certificate with Amazon Web Services IoT Core. There is no limit to the number of CA certificates you can register in your Amazon Web Services account. You can register up to 10 CA certificates with the same CA subject field per Amazon Web Services account. Requires permission to access the RegisterCACertificate action. @required {caCertificate: str} @optional {setAsActive: bool, allowAutoRegistration: bool, verificationCertificate: str, registrationConfig: RegistrationConfig, tags: [Tag], certificateMode: str} @returns(200) {certificateArn: str?, certificateId: str?} @endgroup @group certificate @endpoint POST /certificate/register @desc Registers a device certificate with IoT in the same certificate mode as the signing CA. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered. Requires permission to access the RegisterCertificate action. @required {certificatePem: str} @optional {setAsActive: bool, caCertificatePem: str, status: str} @returns(200) {certificateArn: str?, certificateId: str?} @endpoint POST /certificate/register-no-ca @desc Register a certificate that does not have a certificate authority (CA). For supported certificates, consult Certificate signing algorithms supported by IoT. @required {certificatePem: str} @optional {status: str} @returns(200) {certificateArn: str?, certificateId: str?} @endgroup @group things @endpoint POST /things @desc Provisions a thing in the device registry. RegisterThing calls other IoT control plane APIs. These calls might exceed your account level IoT Throttling Limits and cause throttle errors. Please contact Amazon Web Services Customer Support to raise your throttling limits if necessary. Requires permission to access the RegisterThing action. @required {templateBody: str} @optional {parameters: map} @returns(200) {certificatePem: str?, resourceArns: map?} @endgroup @group reject-certificate-transfer @endpoint PATCH /reject-certificate-transfer/{certificateId} @desc Rejects a pending certificate transfer. After IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE. To check for pending certificate transfers, call ListCertificates to enumerate your certificates. This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state. Requires permission to access the RejectCertificateTransfer action. @required {certificateId: str} @optional {rejectReason: str} @endgroup @group billing-groups @endpoint PUT /billing-groups/removeThingFromBillingGroup @desc Removes the given thing from the billing group. Requires permission to access the RemoveThingFromBillingGroup action. This call is asynchronous. It might take several seconds for the detachment to propagate. @optional {billingGroupName: str, billingGroupArn: str, thingName: str, thingArn: str} @endgroup @group thing-groups @endpoint PUT /thing-groups/removeThingFromThingGroup @desc Remove the specified thing from the specified group. You must specify either a thingGroupArn or a thingGroupName to identify the thing group and either a thingArn or a thingName to identify the thing to remove from the thing group. Requires permission to access the RemoveThingFromThingGroup action. @optional {thingGroupName: str, thingGroupArn: str, thingName: str, thingArn: str} @endgroup @group rules @endpoint PATCH /rules/{ruleName} @desc Replaces the rule. You must specify all parameters for the new rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule. Requires permission to access the ReplaceTopicRule action. @required {ruleName: str, topicRulePayload: TopicRulePayload} @endgroup @group indices @endpoint POST /indices/search @desc The query search index. Requires permission to access the SearchIndex action. @required {queryString: str} @optional {indexName: str, nextToken: str, maxResults: int, queryVersion: str} @returns(200) {nextToken: str?, things: [ThingDocument]?, thingGroups: [ThingGroupDocument]?} @endgroup @group default-authorizer @endpoint POST /default-authorizer @desc Sets the default authorizer. This will be used if a websocket connection is made without specifying an authorizer. Requires permission to access the SetDefaultAuthorizer action. @required {authorizerName: str} @returns(200) {authorizerName: str?, authorizerArn: str?} @endgroup @group policies @endpoint PATCH /policies/{policyName}/version/{policyVersionId} @desc Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all certificates to which the policy is attached. To list the principals the policy is attached to, use the ListPrincipalPolicies action. Requires permission to access the SetDefaultPolicyVersion action. @required {policyName: str, policyVersionId: str} @endgroup @group loggingOptions @endpoint POST /loggingOptions @desc Sets the logging options. NOTE: use of this command is not recommended. Use SetV2LoggingOptions instead. Requires permission to access the SetLoggingOptions action. @required {loggingOptionsPayload: LoggingOptionsPayload} @endgroup @group v2LoggingLevel @endpoint POST /v2LoggingLevel @desc Sets the logging level. Requires permission to access the SetV2LoggingLevel action. @required {logTarget: LogTarget, logLevel: str} @endgroup @group v2LoggingOptions @endpoint POST /v2LoggingOptions @desc Sets the logging options for the V2 logging service. Requires permission to access the SetV2LoggingOptions action. @optional {roleArn: str, defaultLogLevel: str, disableAllLogs: bool} @endgroup @group audit @endpoint POST /audit/mitigationactions/tasks/{taskId} @desc Starts a task that applies a set of mitigation actions to the specified target. Requires permission to access the StartAuditMitigationActionsTask action. @required {taskId: str, target: AuditMitigationActionsTaskTarget, auditCheckToActionsMapping: map, clientRequestToken: str} @returns(200) {taskId: str?} @endgroup @group detect @endpoint PUT /detect/mitigationactions/tasks/{taskId} @desc Starts a Device Defender ML Detect mitigation actions task. Requires permission to access the StartDetectMitigationActionsTask action. @required {taskId: str, target: DetectMitigationActionsTaskTarget, actions: [str], clientRequestToken: str} @optional {violationEventOccurrenceRange: ViolationEventOccurrenceRange, includeOnlyActiveViolations: bool, includeSuppressedAlerts: bool} @returns(200) {taskId: str?} @endgroup @group audit @endpoint POST /audit/tasks @desc Starts an on-demand Device Defender audit. Requires permission to access the StartOnDemandAuditTask action. @required {targetCheckNames: [str]} @returns(200) {taskId: str?} @endgroup @group thing-registration-tasks @endpoint POST /thing-registration-tasks @desc Creates a bulk thing provisioning task. Requires permission to access the StartThingRegistrationTask action. @required {templateBody: str, inputFileBucket: str, inputFileKey: str, roleArn: str} @returns(200) {taskId: str?} @endpoint PUT /thing-registration-tasks/{taskId}/cancel @desc Cancels a bulk thing provisioning task. Requires permission to access the StopThingRegistrationTask action. @required {taskId: str} @endgroup @group tags @endpoint POST /tags @desc Adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource. Requires permission to access the TagResource action. @required {resourceArn: str, tags: [Tag]} @endgroup @group test-authorization @endpoint POST /test-authorization @desc Tests if a specified principal is authorized to perform an IoT action on a specified resource. Use this to test and debug the authorization behavior of devices that connect to the IoT device gateway. Requires permission to access the TestAuthorization action. @required {authInfos: [AuthInfo]} @optional {clientId: str, principal: str, cognitoIdentityPoolId: str, policyNamesToAdd: [str], policyNamesToSkip: [str]} @returns(200) {authResults: [AuthResult]?} @endgroup @group authorizer @endpoint POST /authorizer/{authorizerName}/test @desc Tests a custom authorization behavior by invoking a specified custom authorizer. Use this to test and debug the custom authorization behavior of devices that connect to the IoT device gateway. Requires permission to access the TestInvokeAuthorizer action. @required {authorizerName: str} @optional {token: str, tokenSignature: str, httpContext: HttpContext, mqttContext: MqttContext, tlsContext: TlsContext} @returns(200) {isAuthenticated: bool?, principalId: str?, policyDocuments: [str]?, refreshAfterInSeconds: int?, disconnectAfterInSeconds: int?} @endgroup @group transfer-certificate @endpoint PATCH /transfer-certificate/{certificateId} @desc Transfers the specified certificate to the specified Amazon Web Services account. Requires permission to access the TransferCertificate action. You can cancel the transfer until it is acknowledged by the recipient. No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target. The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate action to deactivate it. The certificate must not have any policies attached to it. You can use the DetachPolicy action to detach them. @required {certificateId: str, targetAwsAccount: str} @optional {transferMessage: str} @returns(200) {transferredCertificateArn: str?} @endgroup @group untag @endpoint POST /untag @desc Removes the given tags (metadata) from the resource. Requires permission to access the UntagResource action. @required {resourceArn: str, tagKeys: [str]} @endgroup @group audit @endpoint PATCH /audit/configuration @desc Configures or reconfigures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled. Requires permission to access the UpdateAccountAuditConfiguration action. @optional {roleArn: str, auditNotificationTargetConfigurations: map, auditCheckConfigurations: map} @endpoint PATCH /audit/suppressions/update @desc Updates a Device Defender audit suppression. @required {checkName: str, resourceIdentifier: ResourceIdentifier} @optional {expirationDate: str(timestamp), suppressIndefinitely: bool, description: str} @endgroup @group authorizer @endpoint PUT /authorizer/{authorizerName} @desc Updates an authorizer. Requires permission to access the UpdateAuthorizer action. @required {authorizerName: str} @optional {authorizerFunctionArn: str, tokenKeyName: str, tokenSigningPublicKeys: map, status: str, enableCachingForHttp: bool} @returns(200) {authorizerName: str?, authorizerArn: str?} @endgroup @group billing-groups @endpoint PATCH /billing-groups/{billingGroupName} @desc Updates information about the billing group. Requires permission to access the UpdateBillingGroup action. @required {billingGroupName: str, billingGroupProperties: BillingGroupProperties} @optional {expectedVersion: int(i64)} @returns(200) {version: int(i64)?} @endgroup @group cacertificate @endpoint PUT /cacertificate/{caCertificateId} @desc Updates a registered CA certificate. Requires permission to access the UpdateCACertificate action. @required {certificateId: str} @optional {newStatus: str, newAutoRegistrationStatus: str, registrationConfig: RegistrationConfig, removeAutoRegistration: bool} @endgroup @group certificates @endpoint PUT /certificates/{certificateId} @desc Updates the status of the specified certificate. This operation is idempotent. Requires permission to access the UpdateCertificate action. Certificates must be in the ACTIVE state to authenticate devices that use a certificate to connect to IoT. Within a few minutes of updating a certificate from the ACTIVE state to any other state, IoT disconnects all devices that used that certificate to connect. Devices cannot use a certificate that is not in the ACTIVE state to reconnect. @required {certificateId: str, newStatus: str} @endgroup @group certificate-providers @endpoint PUT /certificate-providers/{certificateProviderName} @desc Updates a certificate provider. Requires permission to access the UpdateCertificateProvider action. @required {certificateProviderName: str} @optional {lambdaFunctionArn: str, accountDefaultForOperations: [str]} @returns(200) {certificateProviderName: str?, certificateProviderArn: str?} @endgroup @group custom-metric @endpoint PATCH /custom-metric/{metricName} @desc Updates a Device Defender detect custom metric. Requires permission to access the UpdateCustomMetric action. @required {metricName: str, displayName: str} @returns(200) {metricName: str?, metricArn: str?, metricType: str?, displayName: str?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group dimensions @endpoint PATCH /dimensions/{name} @desc Updates the definition for a dimension. You cannot change the type of a dimension after it is created (you can delete it and recreate it). Requires permission to access the UpdateDimension action. @required {name: str, stringValues: [str]} @returns(200) {name: str?, arn: str?, type: str?, stringValues: [str]?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?} @endgroup @group domainConfigurations @endpoint PUT /domainConfigurations/{domainConfigurationName} @desc Updates values stored in the domain configuration. Domain configurations for default endpoints can't be updated. Requires permission to access the UpdateDomainConfiguration action. @required {domainConfigurationName: str} @optional {authorizerConfig: AuthorizerConfig, domainConfigurationStatus: str, removeAuthorizerConfig: bool, tlsConfig: TlsConfig, serverCertificateConfig: ServerCertificateConfig} @returns(200) {domainConfigurationName: str?, domainConfigurationArn: str?} @endgroup @group dynamic-thing-groups @endpoint PATCH /dynamic-thing-groups/{thingGroupName} @desc Updates a dynamic thing group. Requires permission to access the UpdateDynamicThingGroup action. @required {thingGroupName: str, thingGroupProperties: ThingGroupProperties} @optional {expectedVersion: int(i64), indexName: str, queryString: str, queryVersion: str} @returns(200) {version: int(i64)?} @endgroup @group event-configurations @endpoint PATCH /event-configurations @desc Updates the event configurations. Requires permission to access the UpdateEventConfigurations action. @optional {eventConfigurations: map} @endgroup @group fleet-metric @endpoint PATCH /fleet-metric/{metricName} @desc Updates the data for a fleet metric. Requires permission to access the UpdateFleetMetric action. @required {metricName: str, indexName: str} @optional {queryString: str, aggregationType: AggregationType, period: int, aggregationField: str, description: str, queryVersion: str, unit: str, expectedVersion: int(i64)} @endgroup @group indexing @endpoint POST /indexing/config @desc Updates the search configuration. Requires permission to access the UpdateIndexingConfiguration action. @optional {thingIndexingConfiguration: ThingIndexingConfiguration, thingGroupIndexingConfiguration: ThingGroupIndexingConfiguration} @endgroup @group jobs @endpoint PATCH /jobs/{jobId} @desc Updates supported fields of the specified job. Requires permission to access the UpdateJob action. @required {jobId: str} @optional {namespaceId: str, description: str, presignedUrlConfig: PresignedUrlConfig, jobExecutionsRolloutConfig: JobExecutionsRolloutConfig, abortConfig: AbortConfig, timeoutConfig: TimeoutConfig, jobExecutionsRetryConfig: JobExecutionsRetryConfig} @endgroup @group mitigationactions @endpoint PATCH /mitigationactions/actions/{actionName} @desc Updates the definition for the specified mitigation action. Requires permission to access the UpdateMitigationAction action. @required {actionName: str} @optional {roleArn: str, actionParams: MitigationActionParams} @returns(200) {actionArn: str?, actionId: str?} @endgroup @group packages @endpoint PATCH /packages/{packageName} @desc Updates the supported fields for a specific software package. Requires permission to access the UpdatePackage and GetIndexingConfiguration actions. @required {packageName: str} @optional {clientToken: str, description: str, defaultVersionName: str, unsetDefaultVersion: bool} @endgroup @group package-configuration @endpoint PATCH /package-configuration @desc Updates the software package configuration. Requires permission to access the UpdatePackageConfiguration and iam:PassRole actions. @optional {clientToken: str, versionUpdateByJobsConfig: VersionUpdateByJobsConfig} @endgroup @group packages @endpoint PATCH /packages/{packageName}/versions/{versionName} @desc Updates the supported fields for a specific package version. Requires permission to access the UpdatePackageVersion and GetIndexingConfiguration actions. @required {packageName: str, versionName: str} @optional {clientToken: str, description: str, attributes: map, action: str} @endgroup @group provisioning-templates @endpoint PATCH /provisioning-templates/{templateName} @desc Updates a provisioning template. Requires permission to access the UpdateProvisioningTemplate action. @required {templateName: str} @optional {description: str, enabled: bool, defaultVersionId: int, provisioningRoleArn: str, preProvisioningHook: ProvisioningHook, removePreProvisioningHook: bool} @endgroup @group role-aliases @endpoint PUT /role-aliases/{roleAlias} @desc Updates a role alias. Requires permission to access the UpdateRoleAlias action. @required {roleAlias: str} @optional {roleArn: str, credentialDurationSeconds: int} @returns(200) {roleAlias: str?, roleAliasArn: str?} @endgroup @group audit @endpoint PATCH /audit/scheduledaudits/{scheduledAuditName} @desc Updates a scheduled audit, including which checks are performed and how often the audit takes place. Requires permission to access the UpdateScheduledAudit action. @required {scheduledAuditName: str} @optional {frequency: str, dayOfMonth: str, dayOfWeek: str, targetCheckNames: [str]} @returns(200) {scheduledAuditArn: str?} @endgroup @group security-profiles @endpoint PATCH /security-profiles/{securityProfileName} @desc Updates a Device Defender security profile. Requires permission to access the UpdateSecurityProfile action. @required {securityProfileName: str} @optional {expectedVersion: int(i64), securityProfileDescription: str, behaviors: [Behavior], alertTargets: map, additionalMetricsToRetain: [str], additionalMetricsToRetainV2: [MetricToRetain], deleteBehaviors: bool, deleteAlertTargets: bool, deleteAdditionalMetricsToRetain: bool, metricsExportConfig: MetricsExportConfig, deleteMetricsExportConfig: bool} @returns(200) {securityProfileName: str?, securityProfileArn: str?, securityProfileDescription: str?, behaviors: [Behavior]?, alertTargets: map?, additionalMetricsToRetain: [str]?, additionalMetricsToRetainV2: [MetricToRetain]?, version: int(i64)?, creationDate: str(timestamp)?, lastModifiedDate: str(timestamp)?, metricsExportConfig: MetricsExportConfig?{mqttTopic: str, roleArn: str}} @endgroup @group streams @endpoint PUT /streams/{streamId} @desc Updates an existing stream. The stream version will be incremented by one. Requires permission to access the UpdateStream action. @required {streamId: str} @optional {description: str, files: [StreamFile], roleArn: str} @returns(200) {streamId: str?, streamArn: str?, description: str?, streamVersion: int?} @endgroup @group things @endpoint PATCH /things/{thingName} @desc Updates the data for a thing. Requires permission to access the UpdateThing action. @required {thingName: str} @optional {thingTypeName: str, attributePayload: AttributePayload, expectedVersion: int(i64), removeThingType: bool} @endgroup @group thing-groups @endpoint PATCH /thing-groups/{thingGroupName} @desc Update a thing group. Requires permission to access the UpdateThingGroup action. @required {thingGroupName: str, thingGroupProperties: ThingGroupProperties} @optional {expectedVersion: int(i64)} @returns(200) {version: int(i64)?} @endpoint PUT /thing-groups/updateThingGroupsForThing @desc Updates the groups to which the thing belongs. Requires permission to access the UpdateThingGroupsForThing action. @optional {thingName: str, thingGroupsToAdd: [str], thingGroupsToRemove: [str], overrideDynamicGroups: bool} @endgroup @group destinations @endpoint PATCH /destinations @desc Updates a topic rule destination. You use this to change the status, endpoint URL, or confirmation URL of the destination. Requires permission to access the UpdateTopicRuleDestination action. @required {arn: str, status: str} @endgroup @group security-profile-behaviors @endpoint POST /security-profile-behaviors/validate @desc Validates a Device Defender security profile behaviors specification. Requires permission to access the ValidateSecurityProfileBehaviors action. @required {behaviors: [Behavior]} @returns(200) {valid: bool?, validationErrors: [ValidationError]?} @endgroup @end