latest--aws-iot-accountauditconfiguration

Type	object
Schema URL	https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--aws-iot-accountauditconfiguration.json
Parent schema	serverless-framework-configuration

Type: object

Configures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.. Source:- https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-iot.git

Properties

AccountId string | Aws_CF_FunctionString required

Your 12-digit account ID (used as the primary identifier for the CloudFormation resource).

AuditCheckConfigurations object required

Specifies which audit checks are enabled and disabled for this account.

16 nested properties

AuthenticatedCognitoRoleOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

CaCertificateExpiringCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

CaCertificateKeyQualityCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

ConflictingClientIdsCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateExpiringCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateKeyQualityCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateSharedCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotPolicyOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotRoleAliasAllowsAccessToUnusedServicesCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotRoleAliasOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

LoggingDisabledCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

RevokedCaCertificateStillActiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

RevokedDeviceCertificateStillActiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

UnauthenticatedCognitoRoleOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IntermediateCaRevokedForActiveDeviceCertificatesCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IoTPolicyPotentialMisConfigurationCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

RoleArn string | Aws_CF_FunctionString required

The ARN of the role that grants permission to AWS IoT to access information about your devices, policies, certificates and other items as required when performing an audit.

AuditNotificationTargetConfigurations object

Information about the targets to which audit notifications are sent.

1 nested properties

Sns object

3 nested properties

TargetArn string | Aws_CF_FunctionString

The ARN of the target (SNS topic) to which audit notifications are sent.

RoleArn string | Aws_CF_FunctionString

The ARN of the role that grants permission to send notifications to the target.

Enabled boolean

True if notifications to the target are enabled.

Definitions

AuditCheckConfigurations object

Specifies which audit checks are enabled and disabled for this account.

AuthenticatedCognitoRoleOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

CaCertificateExpiringCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

CaCertificateKeyQualityCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

ConflictingClientIdsCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateExpiringCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateKeyQualityCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

DeviceCertificateSharedCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotPolicyOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotRoleAliasAllowsAccessToUnusedServicesCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IotRoleAliasOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

LoggingDisabledCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

RevokedCaCertificateStillActiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

RevokedDeviceCertificateStillActiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

UnauthenticatedCognitoRoleOverlyPermissiveCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IntermediateCaRevokedForActiveDeviceCertificatesCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

IoTPolicyPotentialMisConfigurationCheck object

The configuration for a specific audit check.

1 nested properties

Enabled boolean

True if the check is enabled.

AuditNotificationTargetConfigurations object

Information about the targets to which audit notifications are sent.

Sns object

3 nested properties

TargetArn string | Aws_CF_FunctionString

The ARN of the target (SNS topic) to which audit notifications are sent.

RoleArn string | Aws_CF_FunctionString

The ARN of the role that grants permission to send notifications to the target.

Enabled boolean

True if notifications to the target are enabled.

AuditCheckConfiguration object

The configuration for a specific audit check.

Enabled boolean

True if the check is enabled.

AuditNotificationTarget object

TargetArn string | Aws_CF_FunctionString

The ARN of the target (SNS topic) to which audit notifications are sent.

RoleArn string | Aws_CF_FunctionString

The ARN of the role that grants permission to send notifications to the target.

Enabled boolean

True if notifications to the target are enabled.