ListResourceEvaluationResults - Cloud Config - Alibaba Cloud Documentation Center

0.0.201

Queries the compliance evaluation results of resources.

Operation description

In this example, the compliance evaluation result of the 23642660635396**** resource is queried and the resource is a RAM user. The returned result indicates that the resource is evaluated as NON_COMPLIANT by using the cr-7f7d626622af0041**** rule.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- For mandatory resource types, indicate with a prefix of * .
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation

Operation	Access level	Resource type	Condition key	Associated operation
config:ListResourceEvaluationResults	list	All Resources ``	none	none

Request parameters

Parameter	Type	Required	Description	Example

Parameter	Type	Required	Description	Example
ResourceType	string	No	The type of the resource. For more information about how to query the type of a resource, see ListDiscoveredResources .	ACS::RAM::User
ResourceId	string	No	The ID of the resource. For more information about how to obtain the ID of a resource, see ListDiscoveredResources .	23642660635396****
ComplianceType	string	No	The compliance evaluation result of the resource. Valid values: COMPLIANT: The resource is evaluated as compliant. NON_COMPLIANT: The resource is evaluated as non-compliant. NOT_APPLICABLE: The rule does not apply to the resources. INSUFFICIENT_DATA: No data is available. IGNORED: The resource is ignored during compliance evaluation.	NON_COMPLIANT
NextToken	string	No	The token that you want to use to initiate the current request. If the response of the previous request is truncated, you can use this token to initiate another request and obtain the remaining entries.``	IWBjqMYSy0is7zSMGu16****
MaxResults	integer	No	The maximum number of entries to return in a request. Valid values: 1 to 100.	10
Region	string	No	The ID of the region where one or more resources you want to query reside. For example, the value `global` indicates global regions and the value `cn-hangzhou` indicates the China (Hangzhou) region. For more information about how to obtain the ID of the region where a resource resides, see ListDiscoveredResources .	global

For more information about common request parameters, see Common parameters.

Response parameters

Parameter	Type	Description	Example

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request.	25C89DDB-BB79-487D-88C3-4A561F21EFC4
EvaluationResults	object	The information about the compliance evaluation results returned.
NextToken	string	The token that was used to initiate the next request.	IWBjqMYSy0is7zSMGu16****
MaxResults	integer	The maximum number of entries to return for a single request.	10
EvaluationResultList	array<object>	The details of the compliance evaluation result.
EvaluationResult	object
RiskLevel	integer	The risk level of the resources that do not comply with the rule. Valid values: 1: high risk level 2: medium risk level 3: low risk level	1
ComplianceType	string	The compliance evaluation result of the resources. Valid values: COMPLIANT: The resources are evaluated as compliant. NON_COMPLIANT: The resources are evaluated as incompliant. NOT_APPLICABLE: The rule does not apply to your resources. INSUFFICIENT_DATA: No resource data is available. IGNORED: The resource is ignored during compliance evaluation.	NON_COMPLIANT
ResultRecordedTimestamp	long	The timestamp when the compliance evaluation result was recorded. Unit: milliseconds.	1624932227595
Annotation	string	The annotation to the resource that is evaluated as incompliant. The following section describes the parameters that can be returned: `configuration`: the current resource configuration that is evaluated as incompliant by using the rule. `desiredValue`: the expected resource configuration that is evaluated as compliant by using the rule. `operator`: the operator that is used to compare the current configuration with the expected configuration of the resource. `property`: the JSON path of the current configuration in the resource property struct. `reason`: the reason why the resource is evaluated as incompliant.	{\"configuration\":\"false\",\"desiredValue\":\"True\",\"operator\":\"StringEquals\",\"property\":\"$.LoginProfile.MFABindRequired\"}
ConfigRuleInvokedTimestamp	long	The timestamp when the rule was triggered for the compliance evaluation. Unit: milliseconds.	1624932227157
InvokingEventMessageType	string	The trigger type of the managed rule. Valid values: ConfigurationItemChangeNotification: The managed rule is triggered by configuration changes. ScheduledNotification: The managed rule is periodically triggered. Manual: The rule is manually triggered.	ScheduledNotification
EvaluationResultIdentifier	object	The identifying information about the compliance evaluation result.
OrderingTimestamp	long	The timestamp when the compliance evaluation was performed. Unit: milliseconds.	1624932227157
EvaluationResultQualifier	object	The information about the evaluated resource returned in the compliance evaluation result.
ConfigRuleArn	string	The Alibaba Cloud Resource Name (ARN) of the rule.	acs:config::100931896542**:rule/cr-7f7d626622af0041**
ResourceType	string	The type of the resource.	ACS::RAM::User
ConfigRuleName	string	The name of the monitoring rule.	test-rule-name
ResourceId	string	The ID of the resource.	23642660635396****
ConfigRuleId	string	The ID of the rule.	cr-7f7d626622af0041****
ResourceName	string	The name of the resource.	Alice
RegionId	string	The ID of the region where your resources reside.	global
IgnoreDate	string	The date from which the system automatically re-evaluates the ignored incompliant resources. Note If the value of this parameter is left empty, the system does not automatically re-evaluate the ignored incompliant resources. You must re-evaluate the ignored incompliant resources.	2022-06-01
RemediationEnabled	boolean	Indicates whether the remediation template is enabled. Valid values: true: The remediation template is enabled. false: The remediation template is disabled.	true

Examples

Sample success responses

JSONformat

            
            
          
{
  "RequestId": "25C89DDB-BB79-487D-88C3-4A561F21EFC4",
  "EvaluationResults": {
    "NextToken": "IWBjqMYSy0is7zSMGu16****",
    "MaxResults": 10,
    "EvaluationResultList": [
      {
        "RiskLevel": 1,
        "ComplianceType": "NON_COMPLIANT",
        "ResultRecordedTimestamp": 1624932227595,
        "Annotation": "{\\\"configuration\\\":\\\"false\\\",\\\"desiredValue\\\":\\\"True\\\",\\\"operator\\\":\\\"StringEquals\\\",\\\"property\\\":\\\"$.LoginProfile.MFABindRequired\\\"}",
        "ConfigRuleInvokedTimestamp": 1624932227157,
        "InvokingEventMessageType": "ScheduledNotification",
        "EvaluationResultIdentifier": {
          "OrderingTimestamp": 1624932227157,
          "EvaluationResultQualifier": {
            "ConfigRuleArn": "acs:config::100931896542****:rule/cr-7f7d626622af0041****",
            "ResourceType": "ACS::RAM::User",
            "ConfigRuleName": "test-rule-name",
            "ResourceId": "23642660635396****",
            "ConfigRuleId": "cr-7f7d626622af0041****",
            "ResourceName": "Alice",
            "RegionId": "global",
            "IgnoreDate": "2022-06-01"
          }
        },
        "RemediationEnabled": true
      }
    ]
  }
}

Error codes

HTTP status code	Error code	Error message	Description

HTTP status code	Error code	Error message	Description
400	NoPermission	You are not authorized to perform this operation.	You are not authorized to perform this operation.
404	CloudConfigServiceRoleNotExisted	The CloudConfigServiceRole does not exist.	-
404	AccountNotExisted	Your account does not exist.	-
503	ServiceUnavailable	The request has failed due to a temporary failure of the server.	The request has failed due to a temporary failure of the server.

For a list of error codes, visit the Service error codes.

Feedback

Previous: ListConfigRuleEvaluationResultsNext: DeleteConfigRules

On this page （1）

Operation description

Debugging

Authorization information

Request parameters

Response parameters

Examples

Error codes

About Alibaba Cloud

Our Global Network

Quick Start

Global Offices

Olympic Games Paris 2024 New

Stade Roland Garros – Glitz from the Past New

Place de la Concorde – “Breaking” the Barriers New

Vaires-sur-Marne Nautical Stadium – Sports with Sustainability New

International Broadcast Center – Images, Sounds, and Data that Captivate Billions New

Customer Success Stories New

Trust Center

Security & Compliance Center

Cloud Compliance Resources

Security Compliance FAQs

Product & Feature Update New

Cloud Forward

Press Room

Alibaba Cloud e-Magazine New

Alibaba Cloud in Analyst Research

Notice

Go Global Service New

Go Global Alliance with Alibaba Cloud

Asia Accelerator Hot

Information Compliance

China Gateway - MLPS 2.0 Compliance New

China Gateway - Networking

China Gateway - Global Application Acceleration New

China Gateway - Security

China Gateway - Data Security New

ICP Support Hot

China Gateway - Omnichannel Data Mid-End New

China Gateway - Organizational Data Mid-End New

China Gateway - Business Mid-End New

China Gateway - AI Service for Conversational Chatbots New

China Gateway - Online Education

China Gateway - Domain Registration

Work at Alibaba Cloud

Experienced Professionals

Students and Graduates

Free Trial

Pricing

Promo Center

Price Reduction

Pay Less and Deploy More

FinOps

Elastic Compute Service (ECS)

Simple Application Server (SAS)

Elastic GPU Service

Elastic Desktop Service (EDS)

Object Storage Service (OSS)

Cloud Enterprise Network (CEN)

Web Application Firewall (WAF)

Domain Names

Lingma

Container Compute Service (ACS)

Secure Access Service Edge (SASE)

Intelligent Media Services(IMS)

Edge Security Acceleration (ESA)(Original DCDN)

Intelligent Media Management

DingTalk Enterprise

YiDA

Alibaba Cloud Model Studio

Apsara Prime - For Easy Cloud Product Selection

Alibaba Cloud ECS - Cater All Your Cloud Hosting Needs

1TB CDN—Get Free 1 TB Outbound Traffic Plan Now

Security—Under Attack? Get Free Security Support

Short Message Service - Free Testing is Available

Elastic Compute Service (ECS) Hot

CloudBox

Compute Nest

Dedicated Host Hot

ECS Bare Metal Instance

Elastic GPU Service Featured

Simple Application Server (SAS) Hot

Auto Scaling

Cloud Phone Beta

Elastic Desktop Service (EDS) Featured

Batch Compute

Elastic High Performance Computing (E-HPC)

Super Computing Cluster (SCC)