All Products
Search
Document Center

Cloud Config:CreateAggregateConfigDeliveryChannel

Last Updated:Jun 17, 2024

Creates a delivery channel for an account group.

Operation description

In this example, a delivery channel is created for an account group. The ID of the account group is ca-a4e5626622af0079****. The type of the delivery channel is OSS and the Alibaba Cloud Resource Name (ARN) of the delivery destination is acs:oss:cn-shanghai:100931896542****:new-bucket. The result indicates that the delivery channel is created. The ID of the delivery channel is cdc-8e45ff4e06a3a8****.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
config:CreateAggregateConfigDeliveryChannelWrite
  • All Resources
    *
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
AggregatorIdstringYes

The ID of the account group.

For more information about how to obtain the ID of the account group, see ListAggregators .

ca-a4e5626622af0079****
DeliveryChannelNamestringNo

The name of the delivery channel.

Note If you do not configure this parameter, this parameter is left empty.
testoss
DeliveryChannelTypestringYes

The type of the delivery channel. Valid values:

  • OSS: Object Storage Service (OSS)
  • MNS: Message Service (MNS)
  • SLS: Log Service
OSS
DeliveryChannelTargetArnstringYes

The ARN of the delivery destination. Valid values:

  • acs:oss:{RegionId}:{accountId}:{bucketName} if your delivery destination is an OSS bucket. Example: acs:oss:cn-shanghai:100931896542****:new-bucket.
  • acs:mns:{RegionId}:{accountId}:/topics/{topicName} if your delivery destination is an MNS topic. Example: acs:mns:cn-shanghai:100931896542****:/topics/topic1.
  • acs:log:{RegionId}:{accountId}:project/{projectName}/logstore/{logstoreName} if your delivery destination is a Log Service Logstore. Example: acs:log:cn-shanghai:100931896542****:project/project1/logstore/logstore1.
acs:oss:cn-shanghai:100931896542****:new-bucket
DeliveryChannelConditionstringNo

The rule that you want to attach to the delivery channel. This parameter is available when you deliver data of all types to MNS or deliver snapshots to Log Service.

  • If you set the DeliveryChannelType parameter to MNS, take note of the following settings of the lowest risk level and the resource types of the events to which you want to subscribe:

    • The lowest risk level of the events to which you want to subscribe is in the following format: {"filterType":"RuleRiskLevel","value":"1","multiple":false}.

      The value field indicates the risk level of the events to which you want to subscribe. Valid values: 1, 2, and 3. The value 1 indicates the high risk level, the value 2 indicates the medium risk level, and the value 3 indicates the low risk level.

    • The setting of the resource types of the events to which you want to subscribe is in the following format: {"filterType":"ResourceType","values":["ACS::ACK::Cluster","ACS::ActionTrail::Trail","ACS::CBWP::CommonBandwidthPackage"],"multiple":true}.

      The values field indicates the resource types of the events to which you want to subscribe. The value of the field is a JSON array. Example:

[{"filterType":"ResourceType","values":["ACS::ActionTrail::Trail","ACS::CBWP::CommonBandwidthPackage","ACS::CDN::Domain","ACS::CEN::CenBandwidthPackage","ACS::CEN::CenInstance","ACS::CEN::Flowlog","ACS::DdosCoo::Instance"],"multiple":true}]

  • If you set the DeliveryChannelType parameter to SLS, the setting of the resource types of the snapshots to which you want to deliver is in the following format: {"filterType":"ResourceType","values":["ACS::ACK::Cluster","ACS::ActionTrail::Trail","ACS::CBWP::CommonBandwidthPackage"],"multiple":true}.

    The values field specifies the resource types of the snapshots to which you want to deliver. The value of the field is a JSON array. Example:

[{"filterType":"ResourceType","values":["ACS::ActionTrail::Trail","ACS::CBWP::CommonBandwidthPackage","ACS::CDN::Domain","ACS::CEN::CenBandwidthPackage","ACS::CEN::CenInstance","ACS::CEN::Flowlog","ACS::DdosCoo::Instance"],"multiple":true}]

[{"filterType":"ResourceType","values":["ACS::ActionTrail::Trail","ACS::CBWP::CommonBandwidthPackage","ACS::CDN::Domain","ACS::CEN::CenBandwidthPackage","ACS::CEN::CenInstance","ACS::CEN::Flowlog","ACS::DdosCoo::Instance"],"multiple":true}]
OversizedDataOSSTargetArnstringNo

The ARN of the OSS bucket to which you want to transfer the delivery data when the size of the data exceeds the specified upper limit of the delivery channel. Format: acs:oss:{RegionId}:{accountId}:{bucketName}.

If you do not configure this parameter, Cloud Config delivers only summary data.

Note This parameter is available only for delivery channels of the SLS or MNS type. The upper limit on the storage size of delivery channels of the SLS type is 1 MB, and the maximum storage size of delivery channels of the MNS type is 64 KB.
acs:oss:cn-shanghai:100931896542****:new-bucket
DescriptionstringNo

The description of the delivery channel.

My OSS delivery.
ClientTokenstringNo

The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests.

The token can contain only ASCII characters and cannot exceed 64 characters in length. For more information, see Ensure idempotence

1594295238-f9361358-5843-4294-8d30-b5183fac****
ConfigurationSnapshotbooleanNo

Specifies whether to deliver scheduled resource snapshots. Cloud Config delivers scheduled resource snapshots to OSS, MNS, or Log Service at 04:00Z and 16:00Z every day. The time is displayed in UTC. Valid values:

  • true: Cloud Config delivers scheduled resource snapshots.
  • false: Cloud Config does not deliver scheduled resource snapshots. This is the default value.
false
ConfigurationItemChangeNotificationbooleanNo

Specifies whether to deliver resource change logs. If you set this parameter to true, Cloud Config delivers resource change logs to OSS, Log Service, or MNS when the configurations of the resources change. Valid values:

  • true: Cloud Config delivers resource change logs.
  • false: Cloud Config does not deliver resource change logs. This is the default value.
Note This parameter is available for delivery channels of the OSS, SLS, and MNS types.
false
NonCompliantNotificationbooleanNo

Specifies whether to deliver resource non-compliance events. If you set this parameter to true, Cloud Config delivers resource non-compliance events to Log Service or MNS when resources are considered non-compliant. Valid values:

  • true: Cloud Config delivers resource non-compliance events.
  • false: Cloud Config does not deliver resource non-compliance events. This is the default value.
Note This parameter is available only for delivery channels of the SLS or MNS type.
false
DeliverySnapshotTimestringNo

The time when you want Cloud Config to deliver scheduled resource snapshots every day.

Format: HH:mmZ. This time is displayed in UTC.

Note When you enable the scheduled resource delivery feature, you can configure this parameter to specify a custom delivery time. If you do not configure this parameter, Cloud Config automatically delivers scheduled resource snapshots at 04:00Z and 16:00Z every day.
09:10Z

For more information about common request parameters, see Common parameters.

Response parameters

ParameterTypeDescriptionExample
object

N/A.

RequestIdstring

The request ID.

A7A0FFF8-0B44-40C6-8BBF-3A185EFDERTHG
DeliveryChannelIdstring

The ID of the delivery channel.

cdc-8e45ff4e06a3a8****

Examples

Sample success responses

JSONformat

{
  "RequestId": "A7A0FFF8-0B44-40C6-8BBF-3A185EFDERTHG",
  "DeliveryChannelId": "cdc-8e45ff4e06a3a8****"
}

Error codes

HTTP status codeError codeError messageDescription
400DeliveryChannelNotExistsThe delivery channel does not exist.The delivery channel does not exist.
400Invalid.DeliveryChannelAssumeRoleArn.FormatThe specified format of DeliveryChannelAssumeRoleArn is invalid.The specified format of DeliveryChannelAssumeRoleArn is invalid.
400Invalid.DeliveryChannelTargetArn.FormatThe specified format of DeliveryChannelTargetArn is invalid.The specified format of DeliveryChannelTargetArn is invalid.
400Invalid.DeliveryChannelCondition.FormatThe specified format of DeliveryChannelCondition is invalid.The specified format of DeliveryChannelCondition is invalid.
400MemberNotBelongToMasterThe specified member does not belong to your organization.The specified member does not belong to your organization.
400DeliveryChannelAccountNotSupportCross-account delivery that is not in the RD is not supported.Cross-account delivery that is not in the RD is not supported.
400DeliveryChannelMnsUnreachableThe MNS topic is unreachable.The MNS topic is unreachable.
400DeliveryChannelOssUnreachableThe OSS bucket is unreachable.The OSS bucket is unreachable.
400DeliveryChannelSlsUnreachableSLS logstore is unreachable.The SLS Logstore is unreachable.
404AccountNotExistedYour account does not exist.The specified account does not exist.

For a list of error codes, visit the Service error codes.