All Products
Search
Document Center

Cloud Config:EvaluatePreConfigRules

Last Updated:Jun 17, 2024

Executes evaluation rules to evaluate resources.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
ResourceEvaluateItemsobject []Yes

The resources that you want to evaluate.

ResourceLogicalIdstringNo

The logical ID of the resource.

ResourceLogicId-test
ResourceTypestringNo

The type of the resource.

ACS::ECS::Instance
Rulesobject []No

The evaluation rules.

IdentifierstringNo

The identifier of the evaluation rule.

For more information about how to obtain the identifier of an evaluation rule, see ListManagedRules .

ecs-instance-deletion-protection-enabled
InputParametersstringNo

The input parameters of the evaluation rule.

{}
ResourcePropertiesstringNo

The properties of the resource.

{ "ImageId": "ubuntu_18_04_64_20G_alibase_20190624.vhd", "SecurityGroupId": "sg-bp15ed6xe1yxeycg****", "HostName": "LocalHostName", "RegionId": "cn-hangzhou" }
EnableManagedRulesbooleanNo

Specifies whether to enable the managed rule. Valid values:

  • true: enables the managed rule.
  • false: does not enable the managed rule. This is the default value.
Note After you create an evaluation rule, a managed rule that has the same settings as the evaluation rule is created. After you create a resource, the managed rule can be used to continuously check the compliance of the resource.
false

For more information about common request parameters, see Common parameters.

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

129ECF1C-7897-1131-BD0F-4B588AC05400
ResourceEvaluationsobject []

The details of the compliance evaluation result.

ResourceLogicalIdstring

The logical ID of the resource.

Note If the ResourceLogicalId request parameter is left empty, the value of the ResourceLogicalId response parameter is generated based on the value of the ResourceProperties parameter.
ResourceLogicId-test
ResourceTypestring

The type of the resource.

ACS::ECS::Instance
Rulesobject []

The evaluation rules.

Identifierstring

The identifier of the evaluation rule.

ecs-instance-deletion-protection-enabled
ComplianceTypestring

The compliance type of the resource that was evaluated by using the evaluation rule. Valid values:

  • COMPLIANT: The resource was evaluated as compliant.
  • NON_COMPLIANT: The resource was evaluated as incompliant.
  • NOT_APPLICABLE: The evaluation rule does not apply to the resource.
NON_COMPLIANT
Annotationstring

The reason why the resource was evaluated as incompliant.

{\"configuration\":\"false\",\"desiredValue\":\"True\",\"operator\":\"StringEquals\",\"property\":\"$.DeletionProtection\"}
HelpUrlstring

The URL of the topic that describes how the managed rule remediates the incompliant configurations.

https://example.aliyundoc.com

Examples

Sample success responses

JSONformat

{
  "RequestId": "129ECF1C-7897-1131-BD0F-4B588AC05400",
  "ResourceEvaluations": [
    {
      "ResourceLogicalId": "ResourceLogicId-test",
      "ResourceType": "ACS::ECS::Instance",
      "Rules": [
        {
          "Identifier": "ecs-instance-deletion-protection-enabled",
          "ComplianceType": "NON_COMPLIANT",
          "Annotation": "{\\\"configuration\\\":\\\"false\\\",\\\"desiredValue\\\":\\\"True\\\",\\\"operator\\\":\\\"StringEquals\\\",\\\"property\\\":\\\"$.DeletionProtection\\\"}",
          "HelpUrl": "https://example.aliyundoc.com"
        }
      ]
    }
  ]
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2023-06-13The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.