IoT *** Client ====== class IoT.Client A low-level client representing AWS IoT IoT provides secure, bi-directional communication between Internet- connected devices (such as sensors, actuators, embedded devices, or smart appliances) and the Amazon Web Services cloud. You can discover your custom IoT-Data endpoint to communicate with, configure rules for data processing and integration with other services, organize resources associated with each device (Registry), configure logging, and create and manage policies and credentials to authenticate devices. The service endpoints that expose this API are listed in Amazon Web Services IoT Core Endpoints and Quotas. You must use the endpoint for the region that has the resources you want to access. The service name used by Amazon Web Services Signature Version 4 to sign the request is: *execute-api*. For more information about how IoT works, see the Developer Guide. For information about how to use the credentials provider for IoT, see Authorizing Direct Calls to Amazon Web Services Services. import boto3 client = boto3.client('iot') These are the available methods: * accept_certificate_transfer * add_thing_to_billing_group * add_thing_to_thing_group * associate_sbom_with_package_version * associate_targets_with_job * attach_policy * attach_principal_policy * attach_security_profile * attach_thing_principal * can_paginate * cancel_audit_mitigation_actions_task * cancel_audit_task * cancel_certificate_transfer * cancel_detect_mitigation_actions_task * cancel_job * cancel_job_execution * clear_default_authorizer * close * confirm_topic_rule_destination * create_audit_suppression * create_authorizer * create_billing_group * create_certificate_from_csr * create_certificate_provider * create_command * create_custom_metric * create_dimension * create_domain_configuration * create_dynamic_thing_group * create_fleet_metric * create_job * create_job_template * create_keys_and_certificate * create_mitigation_action * create_ota_update * create_package * create_package_version * create_policy * create_policy_version * create_provisioning_claim * create_provisioning_template * create_provisioning_template_version * create_role_alias * create_scheduled_audit * create_security_profile * create_stream * create_thing * create_thing_group * create_thing_type * create_topic_rule * create_topic_rule_destination * delete_account_audit_configuration * delete_audit_suppression * delete_authorizer * delete_billing_group * delete_ca_certificate * delete_certificate * delete_certificate_provider * delete_command * delete_command_execution * delete_custom_metric * delete_dimension * delete_domain_configuration * delete_dynamic_thing_group * delete_fleet_metric * delete_job * delete_job_execution * delete_job_template * delete_mitigation_action * delete_ota_update * delete_package * delete_package_version * delete_policy * delete_policy_version * delete_provisioning_template * delete_provisioning_template_version * delete_registration_code * delete_role_alias * delete_scheduled_audit * delete_security_profile * delete_stream * delete_thing * delete_thing_group * delete_thing_type * delete_topic_rule * delete_topic_rule_destination * delete_v2_logging_level * deprecate_thing_type * describe_account_audit_configuration * describe_audit_finding * describe_audit_mitigation_actions_task * describe_audit_suppression * describe_audit_task * describe_authorizer * describe_billing_group * describe_ca_certificate * describe_certificate * describe_certificate_provider * describe_custom_metric * describe_default_authorizer * describe_detect_mitigation_actions_task * describe_dimension * describe_domain_configuration * describe_encryption_configuration * describe_endpoint * describe_event_configurations * describe_fleet_metric * describe_index * describe_job * describe_job_execution * describe_job_template * describe_managed_job_template * describe_mitigation_action * describe_provisioning_template * describe_provisioning_template_version * describe_role_alias * describe_scheduled_audit * describe_security_profile * describe_stream * describe_thing * describe_thing_group * describe_thing_registration_task * describe_thing_type * detach_policy * detach_principal_policy * detach_security_profile * detach_thing_principal * disable_topic_rule * disassociate_sbom_from_package_version * enable_topic_rule * get_behavior_model_training_summaries * get_buckets_aggregation * get_cardinality * get_command * get_command_execution * get_effective_policies * get_indexing_configuration * get_job_document * get_logging_options * get_ota_update * get_package * get_package_configuration * get_package_version * get_paginator * get_percentiles * get_policy * get_policy_version * get_registration_code * get_statistics * get_thing_connectivity_data * get_topic_rule * get_topic_rule_destination * get_v2_logging_options * get_waiter * list_active_violations * list_attached_policies * list_audit_findings * list_audit_mitigation_actions_executions * list_audit_mitigation_actions_tasks * list_audit_suppressions * list_audit_tasks * list_authorizers * list_billing_groups * list_ca_certificates * list_certificate_providers * list_certificates * list_certificates_by_ca * list_command_executions * list_commands * list_custom_metrics * list_detect_mitigation_actions_executions * list_detect_mitigation_actions_tasks * list_dimensions * list_domain_configurations * list_fleet_metrics * list_indices * list_job_executions_for_job * list_job_executions_for_thing * list_job_templates * list_jobs * list_managed_job_templates * list_metric_values * list_mitigation_actions * list_ota_updates * list_outgoing_certificates * list_package_versions * list_packages * list_policies * list_policy_principals * list_policy_versions * list_principal_policies * list_principal_things * list_principal_things_v2 * list_provisioning_template_versions * list_provisioning_templates * list_related_resources_for_audit_finding * list_role_aliases * list_sbom_validation_results * list_scheduled_audits * list_security_profiles * list_security_profiles_for_target * list_streams * list_tags_for_resource * list_targets_for_policy * list_targets_for_security_profile * list_thing_groups * list_thing_groups_for_thing * list_thing_principals * list_thing_principals_v2 * list_thing_registration_task_reports * list_thing_registration_tasks * list_thing_types * list_things * list_things_in_billing_group * list_things_in_thing_group * list_topic_rule_destinations * list_topic_rules * list_v2_logging_levels * list_violation_events * put_verification_state_on_violation * register_ca_certificate * register_certificate * register_certificate_without_ca * register_thing * reject_certificate_transfer * remove_thing_from_billing_group * remove_thing_from_thing_group * replace_topic_rule * search_index * set_default_authorizer * set_default_policy_version * set_logging_options * set_v2_logging_level * set_v2_logging_options * start_audit_mitigation_actions_task * start_detect_mitigation_actions_task * start_on_demand_audit_task * start_thing_registration_task * stop_thing_registration_task * tag_resource * test_authorization * test_invoke_authorizer * transfer_certificate * untag_resource * update_account_audit_configuration * update_audit_suppression * update_authorizer * update_billing_group * update_ca_certificate * update_certificate * update_certificate_provider * update_command * update_custom_metric * update_dimension * update_domain_configuration * update_dynamic_thing_group * update_encryption_configuration * update_event_configurations * update_fleet_metric * update_indexing_configuration * update_job * update_mitigation_action * update_package * update_package_configuration * update_package_version * update_provisioning_template * update_role_alias * update_scheduled_audit * update_security_profile * update_stream * update_thing * update_thing_group * update_thing_groups_for_thing * update_thing_type * update_topic_rule_destination * validate_security_profile_behaviors Paginators ========== Paginators are available on a client instance via the "get_paginator" method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide. The available paginators are: * GetBehaviorModelTrainingSummaries * ListActiveViolations * ListAttachedPolicies * ListAuditFindings * ListAuditMitigationActionsExecutions * ListAuditMitigationActionsTasks * ListAuditSuppressions * ListAuditTasks * ListAuthorizers * ListBillingGroups * ListCACertificates * ListCertificates * ListCertificatesByCA * ListCommandExecutions * ListCommands * ListCustomMetrics * ListDetectMitigationActionsExecutions * ListDetectMitigationActionsTasks * ListDimensions * ListDomainConfigurations * ListFleetMetrics * ListIndices * ListJobExecutionsForJob * ListJobExecutionsForThing * ListJobTemplates * ListJobs * ListManagedJobTemplates * ListMetricValues * ListMitigationActions * ListOTAUpdates * ListOutgoingCertificates * ListPackageVersions * ListPackages * ListPolicies * ListPolicyPrincipals * ListPrincipalPolicies * ListPrincipalThings * ListPrincipalThingsV2 * ListProvisioningTemplateVersions * ListProvisioningTemplates * ListRelatedResourcesForAuditFinding * ListRoleAliases * ListSbomValidationResults * ListScheduledAudits * ListSecurityProfiles * ListSecurityProfilesForTarget * ListStreams * ListTagsForResource * ListTargetsForPolicy * ListTargetsForSecurityProfile * ListThingGroups * ListThingGroupsForThing * ListThingPrincipals * ListThingPrincipalsV2 * ListThingRegistrationTaskReports * ListThingRegistrationTasks * ListThingTypes * ListThings * ListThingsInBillingGroup * ListThingsInThingGroup * ListTopicRuleDestinations * ListTopicRules * ListV2LoggingLevels * ListViolationEvents IoT / Paginator / ListAuthorizers ListAuthorizers *************** class IoT.Paginator.ListAuthorizers paginator = client.get_paginator('list_authorizers') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_authorizers()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, status='ACTIVE'|'INACTIVE', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Return the list of authorizers in ascending alphabetical order. * **status** (*string*) -- The status of the list authorizers request. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'authorizers': [ { 'authorizerName': 'string', 'authorizerArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **authorizers** *(list) --* The authorizers. * *(dict) --* The authorizer summary. * **authorizerName** *(string) --* The authorizer name. * **authorizerArn** *(string) --* The authorizer ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListTargetsForPolicy ListTargetsForPolicy ******************** class IoT.Paginator.ListTargetsForPolicy paginator = client.get_paginator('list_targets_for_policy') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_targets_for_policy()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( policyName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **policyName** (*string*) -- **[REQUIRED]** The policy name. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'targets': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **targets** *(list) --* The policy targets. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAuditSuppressions ListAuditSuppressions ********************* class IoT.Paginator.ListAuditSuppressions paginator = client.get_paginator('list_audit_suppressions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_audit_suppressions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **checkName** (*string*) -- An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **resourceIdentifier** (*dict*) -- Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **ascendingOrder** (*boolean*) -- Determines whether suppressions are listed in ascending order by expiration date or not. If parameter isn't provided, "ascendingOrder=true". * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'suppressions': [ { 'checkName': 'string', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'expirationDate': datetime(2015, 1, 1), 'suppressIndefinitely': True|False, 'description': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **suppressions** *(list) --* List of audit suppressions. * *(dict) --* Filters out specific findings of a Device Defender audit. * **checkName** *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **resourceIdentifier** *(dict) --* Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **expirationDate** *(datetime) --* The expiration date (epoch timestamp in seconds) that you want the suppression to adhere to. * **suppressIndefinitely** *(boolean) --* Indicates whether a suppression should exist indefinitely or not. * **description** *(string) --* The description of the audit suppression. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListTagsForResource ListTagsForResource ******************* class IoT.Paginator.ListTagsForResource paginator = client.get_paginator('list_tags_for_resource') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_tags_for_resource()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( resourceArn='string', PaginationConfig={ 'MaxItems': 123, 'StartingToken': 'string' } ) Parameters: * **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the resource. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **tags** *(list) --* The list of tags assigned to the resource. * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* The tag's key. * **Value** *(string) --* The tag's value. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListViolationEvents ListViolationEvents ******************* class IoT.Paginator.ListViolationEvents paginator = client.get_paginator('list_violation_events') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_violation_events()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), thingName='string', securityProfileName='string', behaviorCriteriaType='STATIC'|'STATISTICAL'|'MACHINE_LEARNING', listSuppressedAlerts=True|False, verificationState='FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **startTime** (*datetime*) -- **[REQUIRED]** The start time for the alerts to be listed. * **endTime** (*datetime*) -- **[REQUIRED]** The end time for the alerts to be listed. * **thingName** (*string*) -- A filter to limit results to those alerts caused by the specified thing. * **securityProfileName** (*string*) -- A filter to limit results to those alerts generated by the specified security profile. * **behaviorCriteriaType** (*string*) -- The criteria for a behavior. * **listSuppressedAlerts** (*boolean*) -- A list of all suppressed alerts. * **verificationState** (*string*) -- The verification state of the violation (detect alarm). * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'violationEvents': [ { 'violationId': 'string', 'thingName': 'string', 'securityProfileName': 'string', 'behavior': { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, 'metricValue': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'violationEventAdditionalInfo': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' }, 'violationEventType': 'in-alarm'|'alarm-cleared'|'alarm-invalidated', 'verificationState': 'FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', 'verificationStateDescription': 'string', 'violationEventTime': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **violationEvents** *(list) --* The security profile violation alerts issued for this account during the given time period, potentially filtered by security profile, behavior violated, or thing (device) violating. * *(dict) --* Information about a Device Defender security profile behavior violation. * **violationId** *(string) --* The ID of the violation event. * **thingName** *(string) --* The name of the thing responsible for the violation event. * **securityProfileName** *(string) --* The name of the security profile whose behavior was violated. * **behavior** *(dict) --* The behavior that was violated. * **name** *(string) --* The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in- cidr-set" * "number": "less-than", "less-than-equals", "greater-than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **metricValue** *(dict) --* The value of the metric (the measurement). * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **violationEventAdditionalInfo** *(dict) --* The details of a violation event. * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **violationEventType** *(string) --* The type of violation event. * **verificationState** *(string) --* The verification state of the violation (detect alarm). * **verificationStateDescription** *(string) --* The description of the verification state of the violation. * **violationEventTime** *(datetime) --* The time the violation event occurred. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAuditMitigationActionsTasks ListAuditMitigationActionsTasks ******************************* class IoT.Paginator.ListAuditMitigationActionsTasks paginator = client.get_paginator('list_audit_mitigation_actions_tasks') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_audit_mitigation_actions_tasks()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( auditTaskId='string', findingId='string', taskStatus='IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED', startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **auditTaskId** (*string*) -- Specify this filter to limit results to tasks that were applied to results for a specific audit. * **findingId** (*string*) -- Specify this filter to limit results to tasks that were applied to a specific audit finding. * **taskStatus** (*string*) -- Specify this filter to limit results to tasks that are in a specific state. * **startTime** (*datetime*) -- **[REQUIRED]** Specify this filter to limit results to tasks that began on or after a specific date and time. * **endTime** (*datetime*) -- **[REQUIRED]** Specify this filter to limit results to tasks that were completed or canceled on or before a specific date and time. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'tasks': [ { 'taskId': 'string', 'startTime': datetime(2015, 1, 1), 'taskStatus': 'IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **tasks** *(list) --* The collection of audit mitigation tasks that matched the filter criteria. * *(dict) --* Information about an audit mitigation actions task that is returned by "ListAuditMitigationActionsTasks". * **taskId** *(string) --* The unique identifier for the task. * **startTime** *(datetime) --* The time at which the audit mitigation actions task was started. * **taskStatus** *(string) --* The current state of the audit mitigation actions task. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / GetBehaviorModelTrainingSummaries GetBehaviorModelTrainingSummaries ********************************* class IoT.Paginator.GetBehaviorModelTrainingSummaries paginator = client.get_paginator('get_behavior_model_training_summaries') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.get_behavior_model_training_summaries()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( securityProfileName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **securityProfileName** (*string*) -- The name of the security profile. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'summaries': [ { 'securityProfileName': 'string', 'behaviorName': 'string', 'trainingDataCollectionStartDate': datetime(2015, 1, 1), 'modelStatus': 'PENDING_BUILD'|'ACTIVE'|'EXPIRED', 'datapointsCollectionPercentage': 123.0, 'lastModelRefreshDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **summaries** *(list) --* A list of all ML Detect behaviors and their model status for a given Security Profile. * *(dict) --* The summary of an ML Detect behavior model. * **securityProfileName** *(string) --* The name of the security profile. * **behaviorName** *(string) --* The name of the behavior. * **trainingDataCollectionStartDate** *(datetime) --* The date a training model started collecting data. * **modelStatus** *(string) --* The status of the behavior model. * **datapointsCollectionPercentage** *(float) --* The percentage of datapoints collected. * **lastModelRefreshDate** *(datetime) --* The date the model was last refreshed. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPolicies ListPolicies ************ class IoT.Paginator.ListPolicies paginator = client.get_paginator('list_policies') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_policies()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Specifies the order for results. If true, the results are returned in ascending creation order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'policies': [ { 'policyName': 'string', 'policyArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListPolicies operation. * **policies** *(list) --* The descriptions of the policies. * *(dict) --* Describes an IoT policy. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListStreams ListStreams *********** class IoT.Paginator.ListStreams paginator = client.get_paginator('list_streams') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_streams()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Set to true to return the list of streams in ascending order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'streams': [ { 'streamId': 'string', 'streamArn': 'string', 'streamVersion': 123, 'description': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **streams** *(list) --* A list of streams. * *(dict) --* A summary of a stream. * **streamId** *(string) --* The stream ID. * **streamArn** *(string) --* The stream ARN. * **streamVersion** *(integer) --* The stream version. * **description** *(string) --* A description of the stream. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListRelatedResourcesForAuditFinding ListRelatedResourcesForAuditFinding *********************************** class IoT.Paginator.ListRelatedResourcesForAuditFinding paginator = client.get_paginator('list_related_resources_for_audit_finding') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_related_resources_for_audit_finding()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( findingId='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **findingId** (*string*) -- **[REQUIRED]** The finding Id. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'relatedResources': [ { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **relatedResources** *(list) --* The related resources. * *(dict) --* Information about a related resource. * **resourceType** *(string) --* The type of resource. * **resourceIdentifier** *(dict) --* Information that identifies the resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **additionalInfo** *(dict) --* Other information about the resource. * *(string) --* * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListProvisioningTemplateVersions ListProvisioningTemplateVersions ******************************** class IoT.Paginator.ListProvisioningTemplateVersions paginator = client.get_paginator('list_provisioning_template_versions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_provisioning_template_versions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( templateName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **templateName** (*string*) -- **[REQUIRED]** The name of the provisioning template. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'versions': [ { 'versionId': 123, 'creationDate': datetime(2015, 1, 1), 'isDefaultVersion': True|False }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **versions** *(list) --* The list of provisioning template versions. * *(dict) --* A summary of information about a fleet provision template version. * **versionId** *(integer) --* The ID of the fleet provisioning template version. * **creationDate** *(datetime) --* The date when the provisioning template version was created * **isDefaultVersion** *(boolean) --* True if the provisioning template version is the default version, otherwise false. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingsInThingGroup ListThingsInThingGroup ********************** class IoT.Paginator.ListThingsInThingGroup paginator = client.get_paginator('list_things_in_thing_group') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_things_in_thing_group()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingGroupName='string', recursive=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingGroupName** (*string*) -- **[REQUIRED]** The thing group name. * **recursive** (*boolean*) -- When true, list things in this thing group and in all child groups as well. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'things': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **things** *(list) --* The things in the specified thing group. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPrincipalPolicies ListPrincipalPolicies ********************* class IoT.Paginator.ListPrincipalPolicies paginator = client.get_paginator('list_principal_policies') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_principal_policies()". Danger: This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity. See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( principal='string', ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **principal** (*string*) -- **[REQUIRED]** The principal. Valid principals are CertificateArn (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and CognitoId (*region*:*id*). * **ascendingOrder** (*boolean*) -- Specifies the order for results. If true, results are returned in ascending creation order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'policies': [ { 'policyName': 'string', 'policyArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListPrincipalPolicies operation. * **policies** *(list) --* The policies. * *(dict) --* Describes an IoT policy. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListManagedJobTemplates ListManagedJobTemplates *********************** class IoT.Paginator.ListManagedJobTemplates paginator = client.get_paginator('list_managed_job_templates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_managed_job_templates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( templateName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **templateName** (*string*) -- An optional parameter for template name. If specified, only the versions of the managed job templates that have the specified template name will be returned. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'managedJobTemplates': [ { 'templateArn': 'string', 'templateName': 'string', 'description': 'string', 'environments': [ 'string', ], 'templateVersion': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **managedJobTemplates** *(list) --* A list of managed job templates that are returned. * *(dict) --* An object that contains information about the managed template. * **templateArn** *(string) --* The Amazon Resource Name (ARN) for a managed template. * **templateName** *(string) --* The unique Name for a managed template. * **description** *(string) --* The description for a managed template. * **environments** *(list) --* A list of environments that are supported with the managed job template. * *(string) --* * **templateVersion** *(string) --* The version for a managed template. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListJobTemplates ListJobTemplates **************** class IoT.Paginator.ListJobTemplates paginator = client.get_paginator('list_job_templates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_job_templates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'jobTemplates': [ { 'jobTemplateArn': 'string', 'jobTemplateId': 'string', 'description': 'string', 'createdAt': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **jobTemplates** *(list) --* A list of objects that contain information about the job templates. * *(dict) --* An object that contains information about the job template. * **jobTemplateArn** *(string) --* The ARN of the job template. * **jobTemplateId** *(string) --* The unique identifier of the job template. * **description** *(string) --* A description of the job template. * **createdAt** *(datetime) --* The time, in seconds since the epoch, when the job template was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCustomMetrics ListCustomMetrics ***************** class IoT.Paginator.ListCustomMetrics paginator = client.get_paginator('list_custom_metrics') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_custom_metrics()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'metricNames': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **metricNames** *(list) --* The name of the custom metric. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListSbomValidationResults ListSbomValidationResults ************************* class IoT.Paginator.ListSbomValidationResults paginator = client.get_paginator('list_sbom_validation_results') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_sbom_validation_results()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( packageName='string', versionName='string', validationResult='FAILED'|'SUCCEEDED', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the new software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the new package version. * **validationResult** (*string*) -- The end result of the * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'validationResultSummaries': [ { 'fileName': 'string', 'validationResult': 'FAILED'|'SUCCEEDED', 'errorCode': 'INCOMPATIBLE_FORMAT'|'FILE_SIZE_LIMIT_EXCEEDED', 'errorMessage': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **validationResultSummaries** *(list) --* A summary of the validation results for each software bill of materials attached to a software package version. * *(dict) --* A summary of the validation results for a specific software bill of materials (SBOM) attached to a software package version. * **fileName** *(string) --* The name of the SBOM file. * **validationResult** *(string) --* The end result of the SBOM validation. * **errorCode** *(string) --* The "errorCode" representing the validation failure error if the SBOM validation failed. * **errorMessage** *(string) --* The "errorMessage" representing the validation failure error if the SBOM validation failed. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPolicyPrincipals ListPolicyPrincipals ******************** class IoT.Paginator.ListPolicyPrincipals paginator = client.get_paginator('list_policy_principals') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_policy_principals()". Danger: This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity. See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( policyName='string', ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **policyName** (*string*) -- **[REQUIRED]** The policy name. * **ascendingOrder** (*boolean*) -- Specifies the order for results. If true, the results are returned in ascending creation order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'principals': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListPolicyPrincipals operation. * **principals** *(list) --* The descriptions of the principals. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingPrincipals ListThingPrincipals ******************* class IoT.Paginator.ListThingPrincipals paginator = client.get_paginator('list_thing_principals') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_principals()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'principals': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListThingPrincipals operation. * **principals** *(list) --* The principals associated with the thing. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListProvisioningTemplates ListProvisioningTemplates ************************* class IoT.Paginator.ListProvisioningTemplates paginator = client.get_paginator('list_provisioning_templates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_provisioning_templates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'templates': [ { 'templateArn': 'string', 'templateName': 'string', 'description': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'enabled': True|False, 'type': 'FLEET_PROVISIONING'|'JITP' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **templates** *(list) --* A list of provisioning templates * *(dict) --* A summary of information about a provisioning template. * **templateArn** *(string) --* The ARN of the provisioning template. * **templateName** *(string) --* The name of the provisioning template. * **description** *(string) --* The description of the provisioning template. * **creationDate** *(datetime) --* The date when the provisioning template summary was created. * **lastModifiedDate** *(datetime) --* The date when the provisioning template summary was last modified. * **enabled** *(boolean) --* True if the fleet provision template is enabled, otherwise false. * **type** *(string) --* The type you define in a provisioning template. You can create a template with only one type. You can't change the template type after its creation. The default value is "FLEET_PROVISIONING". For more information about provisioning template, see: Provisioning template. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCertificatesByCA ListCertificatesByCA ******************** class IoT.Paginator.ListCertificatesByCA paginator = client.get_paginator('list_certificates_by_ca') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_certificates_by_ca()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( caCertificateId='string', ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **caCertificateId** (*string*) -- **[REQUIRED]** The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate. * **ascendingOrder** (*boolean*) -- Specifies the order for results. If True, the results are returned in ascending order, based on the creation date. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION', 'certificateMode': 'DEFAULT'|'SNI_ONLY', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output of the ListCertificatesByCA operation. * **certificates** *(list) --* The device certificates signed by the specified CA certificate. * *(dict) --* Information about a certificate. * **certificateArn** *(string) --* The ARN of the certificate. * **certificateId** *(string) --* The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **status** *(string) --* The status of the certificate. The status value REGISTER_INACTIVE is deprecated and should not be used. * **certificateMode** *(string) --* The mode of the certificate. "DEFAULT": A certificate in "DEFAULT" mode is either generated by Amazon Web Services IoT Core or registered with an issuer certificate authority (CA) in "DEFAULT" mode. Devices with certificates in "DEFAULT" mode aren't required to send the Server Name Indication (SNI) extension when connecting to Amazon Web Services IoT Core. However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to Amazon Web Services IoT Core. "SNI_ONLY": A certificate in "SNI_ONLY" mode is registered without an issuer CA. Devices with certificates in "SNI_ONLY" mode must send the SNI extension when connecting to Amazon Web Services IoT Core. * **creationDate** *(datetime) --* The date and time the certificate was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListActiveViolations ListActiveViolations ******************** class IoT.Paginator.ListActiveViolations paginator = client.get_paginator('list_active_violations') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_active_violations()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', securityProfileName='string', behaviorCriteriaType='STATIC'|'STATISTICAL'|'MACHINE_LEARNING', listSuppressedAlerts=True|False, verificationState='FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- The name of the thing whose active violations are listed. * **securityProfileName** (*string*) -- The name of the Device Defender security profile for which violations are listed. * **behaviorCriteriaType** (*string*) -- The criteria for a behavior. * **listSuppressedAlerts** (*boolean*) -- A list of all suppressed alerts. * **verificationState** (*string*) -- The verification state of the violation (detect alarm). * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'activeViolations': [ { 'violationId': 'string', 'thingName': 'string', 'securityProfileName': 'string', 'behavior': { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, 'lastViolationValue': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'violationEventAdditionalInfo': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' }, 'verificationState': 'FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', 'verificationStateDescription': 'string', 'lastViolationTime': datetime(2015, 1, 1), 'violationStartTime': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **activeViolations** *(list) --* The list of active violations. * *(dict) --* Information about an active Device Defender security profile behavior violation. * **violationId** *(string) --* The ID of the active violation. * **thingName** *(string) --* The name of the thing responsible for the active violation. * **securityProfileName** *(string) --* The security profile with the behavior is in violation. * **behavior** *(dict) --* The behavior that is being violated. * **name** *(string) --* The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in- cidr-set" * "number": "less-than", "less-than-equals", "greater-than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **lastViolationValue** *(dict) --* The value of the metric (the measurement) that caused the most recent violation. * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **violationEventAdditionalInfo** *(dict) --* The details of a violation event. * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **verificationState** *(string) --* The verification state of the violation (detect alarm). * **verificationStateDescription** *(string) --* The description of the verification state of the violation. * **lastViolationTime** *(datetime) --* The time the most recent violation occurred. * **violationStartTime** *(datetime) --* The time the violation started. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListOTAUpdates ListOTAUpdates ************** class IoT.Paginator.ListOTAUpdates paginator = client.get_paginator('list_ota_updates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_ota_updates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( otaUpdateStatus='CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_COMPLETE'|'CREATE_FAILED'|'DELETE_IN_PROGRESS'|'DELETE_FAILED', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **otaUpdateStatus** (*string*) -- The OTA update job status. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'otaUpdates': [ { 'otaUpdateId': 'string', 'otaUpdateArn': 'string', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **otaUpdates** *(list) --* A list of OTA update jobs. * *(dict) --* An OTA update summary. * **otaUpdateId** *(string) --* The OTA update ID. * **otaUpdateArn** *(string) --* The OTA update ARN. * **creationDate** *(datetime) --* The date when the OTA update was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAuditTasks ListAuditTasks ************** class IoT.Paginator.ListAuditTasks paginator = client.get_paginator('list_audit_tasks') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_audit_tasks()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), taskType='ON_DEMAND_AUDIT_TASK'|'SCHEDULED_AUDIT_TASK', taskStatus='IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **startTime** (*datetime*) -- **[REQUIRED]** The beginning of the time period. Audit information is retained for a limited time (90 days). Requesting a start time prior to what is retained results in an "InvalidRequestException". * **endTime** (*datetime*) -- **[REQUIRED]** The end of the time period. * **taskType** (*string*) -- A filter to limit the output to the specified type of audit: can be one of "ON_DEMAND_AUDIT_TASK" or "SCHEDULED__AUDIT_TASK". * **taskStatus** (*string*) -- A filter to limit the output to audits with the specified completion status: can be one of "IN_PROGRESS", "COMPLETED", "FAILED", or "CANCELED". * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'tasks': [ { 'taskId': 'string', 'taskStatus': 'IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED', 'taskType': 'ON_DEMAND_AUDIT_TASK'|'SCHEDULED_AUDIT_TASK' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **tasks** *(list) --* The audits that were performed during the specified time period. * *(dict) --* The audits that were performed. * **taskId** *(string) --* The ID of this audit. * **taskStatus** *(string) --* The status of this audit. One of "IN_PROGRESS", "COMPLETED", "FAILED", or "CANCELED". * **taskType** *(string) --* The type of this audit. One of "ON_DEMAND_AUDIT_TASK" or "SCHEDULED_AUDIT_TASK". * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListDetectMitigationActionsTasks ListDetectMitigationActionsTasks ******************************** class IoT.Paginator.ListDetectMitigationActionsTasks paginator = client.get_paginator('list_detect_mitigation_actions_tasks') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_detect_mitigation_actions_tasks()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **startTime** (*datetime*) -- **[REQUIRED]** A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **endTime** (*datetime*) -- **[REQUIRED]** The end of the time period for which ML Detect mitigation actions tasks are returned. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'tasks': [ { 'taskId': 'string', 'taskStatus': 'IN_PROGRESS'|'SUCCESSFUL'|'FAILED'|'CANCELED', 'taskStartTime': datetime(2015, 1, 1), 'taskEndTime': datetime(2015, 1, 1), 'target': { 'violationIds': [ 'string', ], 'securityProfileName': 'string', 'behaviorName': 'string' }, 'violationEventOccurrenceRange': { 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1) }, 'onlyActiveViolationsIncluded': True|False, 'suppressedAlertsIncluded': True|False, 'actionsDefinition': [ { 'name': 'string', 'id': 'string', 'roleArn': 'string', 'actionParams': { 'updateDeviceCertificateParams': { 'action': 'DEACTIVATE' }, 'updateCACertificateParams': { 'action': 'DEACTIVATE' }, 'addThingsToThingGroupParams': { 'thingGroupNames': [ 'string', ], 'overrideDynamicGroups': True|False }, 'replaceDefaultPolicyVersionParams': { 'templateName': 'BLANK_POLICY' }, 'enableIoTLoggingParams': { 'roleArnForLogging': 'string', 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' }, 'publishFindingToSnsParams': { 'topicArn': 'string' } } }, ], 'taskStatistics': { 'actionsExecuted': 123, 'actionsSkipped': 123, 'actionsFailed': 123 } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **tasks** *(list) --* The collection of ML Detect mitigation tasks that matched the filter criteria. * *(dict) --* The summary of the mitigation action tasks. * **taskId** *(string) --* The unique identifier of the task. * **taskStatus** *(string) --* The status of the task. * **taskStartTime** *(datetime) --* The date the task started. * **taskEndTime** *(datetime) --* The date the task ended. * **target** *(dict) --* Specifies the ML Detect findings to which the mitigation actions are applied. * **violationIds** *(list) --* The unique identifiers of the violations. * *(string) --* * **securityProfileName** *(string) --* The name of the security profile. * **behaviorName** *(string) --* The name of the behavior. * **violationEventOccurrenceRange** *(dict) --* Specifies the time period of which violation events occurred between. * **startTime** *(datetime) --* The start date and time of a time period in which violation events occurred. * **endTime** *(datetime) --* The end date and time of a time period in which violation events occurred. * **onlyActiveViolationsIncluded** *(boolean) --* Includes only active violations. * **suppressedAlertsIncluded** *(boolean) --* Includes suppressed alerts. * **actionsDefinition** *(list) --* The definition of the actions. * *(dict) --* Describes which changes should be applied as part of a mitigation action. * **name** *(string) --* A user-friendly name for the mitigation action. * **id** *(string) --* A unique identifier for the mitigation action. * **roleArn** *(string) --* The IAM role ARN used to apply this mitigation action. * **actionParams** *(dict) --* The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply. * **updateDeviceCertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the device certificate to inactive. * **action** *(string) --* The action that you want to apply to the device certificate. The only supported value is "DEACTIVATE". * **updateCACertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the CA certificate to inactive. * **action** *(string) --* The action that you want to apply to the CA certificate. The only supported value is "DEACTIVATE". * **addThingsToThingGroupParams** *(dict) --* Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. * **thingGroupNames** *(list) --* The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy. * *(string) --* * **overrideDynamicGroups** *(boolean) --* Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups. * **replaceDefaultPolicyVersionParams** *(dict) --* Parameters to define a mitigation action that adds a blank policy to restrict permissions. * **templateName** *(string) --* The name of the template to be applied. The only supported value is "BLANK_POLICY". * **enableIoTLoggingParams** *(dict) --* Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail. * **roleArnForLogging** *(string) --* The Amazon Resource Name (ARN) of the IAM role used for logging. * **logLevel** *(string) --* Specifies the type of information to be logged. * **publishFindingToSnsParams** *(dict) --* Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. * **topicArn** *(string) --* The ARN of the topic to which you want to publish the findings. * **taskStatistics** *(dict) --* The statistics of a mitigation action task. * **actionsExecuted** *(integer) --* The actions that were performed. * **actionsSkipped** *(integer) --* The actions that were skipped. * **actionsFailed** *(integer) --* The actions that failed. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListMitigationActions ListMitigationActions ********************* class IoT.Paginator.ListMitigationActions paginator = client.get_paginator('list_mitigation_actions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_mitigation_actions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( actionType='UPDATE_DEVICE_CERTIFICATE'|'UPDATE_CA_CERTIFICATE'|'ADD_THINGS_TO_THING_GROUP'|'REPLACE_DEFAULT_POLICY_VERSION'|'ENABLE_IOT_LOGGING'|'PUBLISH_FINDING_TO_SNS', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **actionType** (*string*) -- Specify a value to limit the result to mitigation actions with a specific action type. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'actionIdentifiers': [ { 'actionName': 'string', 'actionArn': 'string', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **actionIdentifiers** *(list) --* A set of actions that matched the specified filter criteria. * *(dict) --* Information that identifies a mitigation action. This information is returned by ListMitigationActions. * **actionName** *(string) --* The friendly name of the mitigation action. * **actionArn** *(string) --* The IAM role ARN used to apply this mitigation action. * **creationDate** *(datetime) --* The date when this mitigation action was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingTypes ListThingTypes ************** class IoT.Paginator.ListThingTypes paginator = client.get_paginator('list_thing_types') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_types()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingTypeName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingTypeName** (*string*) -- The name of the thing type. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'thingTypes': [ { 'thingTypeName': 'string', 'thingTypeArn': 'string', 'thingTypeProperties': { 'thingTypeDescription': 'string', 'searchableAttributes': [ 'string', ], 'mqtt5Configuration': { 'propagatingAttributes': [ { 'userPropertyKey': 'string', 'thingAttribute': 'string', 'connectionAttribute': 'string' }, ] } }, 'thingTypeMetadata': { 'deprecated': True|False, 'deprecationDate': datetime(2015, 1, 1), 'creationDate': datetime(2015, 1, 1) } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output for the ListThingTypes operation. * **thingTypes** *(list) --* The thing types. * *(dict) --* The definition of the thing type, including thing type name and description. * **thingTypeName** *(string) --* The name of the thing type. * **thingTypeArn** *(string) --* The thing type ARN. * **thingTypeProperties** *(dict) --* The ThingTypeProperties for the thing type. * **thingTypeDescription** *(string) --* The description of the thing type. * **searchableAttributes** *(list) --* A list of searchable thing attribute names. * *(string) --* * **mqtt5Configuration** *(dict) --* The configuration to add user-defined properties to enrich MQTT 5 messages. * **propagatingAttributes** *(list) --* An object that represents the propagating thing attributes and the connection attributes. * *(dict) --* An object that represents the connection attribute, thing attribute, and the user property key. * **userPropertyKey** *(string) --* The key of the user property key-value pair. * **thingAttribute** *(string) --* The user-defined thing attribute that is propagating for MQTT 5 message enrichment. * **connectionAttribute** *(string) --* The attribute associated with the connection between a device and Amazon Web Services IoT Core. * **thingTypeMetadata** *(dict) --* The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated. * **deprecated** *(boolean) --* Whether the thing type is deprecated. If **true**, no new things could be associated with this type. * **deprecationDate** *(datetime) --* The date and time when the thing type was deprecated. * **creationDate** *(datetime) --* The date and time when the thing type was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListSecurityProfiles ListSecurityProfiles ******************** class IoT.Paginator.ListSecurityProfiles paginator = client.get_paginator('list_security_profiles') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_security_profiles()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( dimensionName='string', metricName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **dimensionName** (*string*) -- A filter to limit results to the security profiles that use the defined dimension. Cannot be used with "metricName" * **metricName** (*string*) -- The name of the custom metric. Cannot be used with "dimensionName". * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'securityProfileIdentifiers': [ { 'name': 'string', 'arn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **securityProfileIdentifiers** *(list) --* A list of security profile identifiers (names and ARNs). * *(dict) --* Identifying information for a Device Defender security profile. * **name** *(string) --* The name you've given to the security profile. * **arn** *(string) --* The ARN of the security profile. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingGroups ListThingGroups *************** class IoT.Paginator.ListThingGroups paginator = client.get_paginator('list_thing_groups') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_groups()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( parentGroup='string', namePrefixFilter='string', recursive=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **parentGroup** (*string*) -- A filter that limits the results to those with the specified parent group. * **namePrefixFilter** (*string*) -- A filter that limits the results to those with the specified name prefix. * **recursive** (*boolean*) -- If true, return child groups as well. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'thingGroups': [ { 'groupName': 'string', 'groupArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **thingGroups** *(list) --* The thing groups. * *(dict) --* The name and ARN of a group. * **groupName** *(string) --* The group name. * **groupArn** *(string) --* The group ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListDomainConfigurations ListDomainConfigurations ************************ class IoT.Paginator.ListDomainConfigurations paginator = client.get_paginator('list_domain_configurations') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_domain_configurations()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( serviceType='DATA'|'CREDENTIAL_PROVIDER'|'JOBS', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **serviceType** (*string*) -- The type of service delivered by the endpoint. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'domainConfigurations': [ { 'domainConfigurationName': 'string', 'domainConfigurationArn': 'string', 'serviceType': 'DATA'|'CREDENTIAL_PROVIDER'|'JOBS' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **domainConfigurations** *(list) --* A list of objects that contain summary information about the user's domain configurations. * *(dict) --* The summary of a domain configuration. A domain configuration specifies custom IoT-specific information about a domain. A domain configuration can be associated with an Amazon Web Services-managed domain (for example, dbc123defghijk.iot.us- west-2.amazonaws.com), a customer managed domain, or a default endpoint. * Data * Jobs * CredentialProvider * **domainConfigurationName** *(string) --* The name of the domain configuration. This value must be unique to a region. * **domainConfigurationArn** *(string) --* The ARN of the domain configuration. * **serviceType** *(string) --* The type of service delivered by the endpoint. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCertificates ListCertificates **************** class IoT.Paginator.ListCertificates paginator = client.get_paginator('list_certificates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_certificates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Specifies the order for results. If True, the results are returned in ascending order, based on the creation date. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION', 'certificateMode': 'DEFAULT'|'SNI_ONLY', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output of the ListCertificates operation. * **certificates** *(list) --* The descriptions of the certificates. * *(dict) --* Information about a certificate. * **certificateArn** *(string) --* The ARN of the certificate. * **certificateId** *(string) --* The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **status** *(string) --* The status of the certificate. The status value REGISTER_INACTIVE is deprecated and should not be used. * **certificateMode** *(string) --* The mode of the certificate. "DEFAULT": A certificate in "DEFAULT" mode is either generated by Amazon Web Services IoT Core or registered with an issuer certificate authority (CA) in "DEFAULT" mode. Devices with certificates in "DEFAULT" mode aren't required to send the Server Name Indication (SNI) extension when connecting to Amazon Web Services IoT Core. However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to Amazon Web Services IoT Core. "SNI_ONLY": A certificate in "SNI_ONLY" mode is registered without an issuer CA. Devices with certificates in "SNI_ONLY" mode must send the SNI extension when connecting to Amazon Web Services IoT Core. * **creationDate** *(datetime) --* The date and time the certificate was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCommandExecutions ListCommandExecutions ********************* class IoT.Paginator.ListCommandExecutions paginator = client.get_paginator('list_command_executions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_command_executions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( namespace='AWS-IoT'|'AWS-IoT-FleetWise', status='CREATED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'REJECTED'|'TIMED_OUT', sortOrder='ASCENDING'|'DESCENDING', startedTimeFilter={ 'after': 'string', 'before': 'string' }, completedTimeFilter={ 'after': 'string', 'before': 'string' }, targetArn='string', commandArn='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **namespace** (*string*) -- The namespace of the command. * **status** (*string*) -- List all command executions for the device that have a particular status. For example, you can filter the list to display only command executions that have failed or timed out. * **sortOrder** (*string*) -- Specify whether to list the command executions that were created in the ascending or descending order. By default, the API returns all commands in the descending order based on the start time or completion time of the executions, that are determined by the "startTimeFilter" and "completeTimeFilter" parameters. * **startedTimeFilter** (*dict*) -- List all command executions that started any time before or after the date and time that you specify. The date and time uses the format "yyyy-MM-dd'T'HH:mm". * **after** *(string) --* Filter to display command executions that started or completed only after a particular date and time. * **before** *(string) --* Filter to display command executions that started or completed only before a particular date and time. * **completedTimeFilter** (*dict*) -- List all command executions that completed any time before or after the date and time that you specify. The date and time uses the format "yyyy-MM-dd'T'HH:mm". * **after** *(string) --* Filter to display command executions that started or completed only after a particular date and time. * **before** *(string) --* Filter to display command executions that started or completed only before a particular date and time. * **targetArn** (*string*) -- The Amazon Resource Number (ARN) of the target device. You can use this information to list all command executions for a particular device. * **commandArn** (*string*) -- The Amazon Resource Number (ARN) of the command. You can use this information to list all command executions for a particular command. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'commandExecutions': [ { 'commandArn': 'string', 'executionId': 'string', 'targetArn': 'string', 'status': 'CREATED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'REJECTED'|'TIMED_OUT', 'createdAt': datetime(2015, 1, 1), 'startedAt': datetime(2015, 1, 1), 'completedAt': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **commandExecutions** *(list) --* The list of command executions. * *(dict) --* Summary information about a particular command execution. * **commandArn** *(string) --* The Amazon Resource Name (ARN) of the command execution. * **executionId** *(string) --* The unique identifier of the command execution. * **targetArn** *(string) --* The Amazon Resource Name (ARN) of the target device for which the command is being executed. * **status** *(string) --* The status of the command executions. * **createdAt** *(datetime) --* The date and time at which the command execution was created for the target device. * **startedAt** *(datetime) --* The date and time at which the command started executing on the target device. * **completedAt** *(datetime) --* The date and time at which the command completed executing on the target device. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListTopicRules ListTopicRules ************** class IoT.Paginator.ListTopicRules paginator = client.get_paginator('list_topic_rules') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_topic_rules()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( topic='string', ruleDisabled=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **topic** (*string*) -- The topic. * **ruleDisabled** (*boolean*) -- Specifies whether the rule is disabled. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'rules': [ { 'ruleArn': 'string', 'ruleName': 'string', 'topicPattern': 'string', 'createdAt': datetime(2015, 1, 1), 'ruleDisabled': True|False }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListTopicRules operation. * **rules** *(list) --* The rules. * *(dict) --* Describes a rule. * **ruleArn** *(string) --* The rule ARN. * **ruleName** *(string) --* The name of the rule. * **topicPattern** *(string) --* The pattern for the topic names that apply. * **createdAt** *(datetime) --* The date and time the rule was created. * **ruleDisabled** *(boolean) --* Specifies whether the rule is disabled. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListJobExecutionsForThing ListJobExecutionsForThing ************************* class IoT.Paginator.ListJobExecutionsForThing paginator = client.get_paginator('list_job_executions_for_thing') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_job_executions_for_thing()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', status='QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', namespaceId='string', jobId='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The thing name. * **status** (*string*) -- An optional filter that lets you search for jobs that have the specified status. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. * **jobId** (*string*) -- The unique identifier you assigned to this job when it was created. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'executionSummaries': [ { 'jobId': 'string', 'jobExecutionSummary': { 'status': 'QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', 'queuedAt': datetime(2015, 1, 1), 'startedAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'executionNumber': 123, 'retryAttempt': 123 } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **executionSummaries** *(list) --* A list of job execution summaries. * *(dict) --* The job execution summary for a thing. * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **jobExecutionSummary** *(dict) --* Contains a subset of information about a job execution. * **status** *(string) --* The status of the job execution. * **queuedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was queued. * **startedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution started. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was last updated. * **executionNumber** *(integer) --* A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information. * **retryAttempt** *(integer) --* The number that indicates how many retry attempts have been completed for this job on this device. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListJobs ListJobs ******** class IoT.Paginator.ListJobs paginator = client.get_paginator('list_jobs') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_jobs()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( status='IN_PROGRESS'|'CANCELED'|'COMPLETED'|'DELETION_IN_PROGRESS'|'SCHEDULED', targetSelection='CONTINUOUS'|'SNAPSHOT', thingGroupName='string', thingGroupId='string', namespaceId='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **status** (*string*) -- An optional filter that lets you search for jobs that have the specified status. * **targetSelection** (*string*) -- Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group. Note: We recommend that you use continuous jobs instead of snapshot jobs for dynamic thing group targets. By using continuous jobs, devices that join the group receive the job execution even after the job has been created. * **thingGroupName** (*string*) -- A filter that limits the returned jobs to those for the specified group. * **thingGroupId** (*string*) -- A filter that limits the returned jobs to those for the specified group. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'jobs': [ { 'jobArn': 'string', 'jobId': 'string', 'thingGroupId': 'string', 'targetSelection': 'CONTINUOUS'|'SNAPSHOT', 'status': 'IN_PROGRESS'|'CANCELED'|'COMPLETED'|'DELETION_IN_PROGRESS'|'SCHEDULED', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'completedAt': datetime(2015, 1, 1), 'isConcurrent': True|False }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **jobs** *(list) --* A list of jobs. * *(dict) --* The job summary. * **jobArn** *(string) --* The job ARN. * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **thingGroupId** *(string) --* The ID of the thing group. * **targetSelection** *(string) --* Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a thing when the thing is added to a target group, even after the job was completed by all things originally in the group. Note: We recommend that you use continuous jobs instead of snapshot jobs for dynamic thing group targets. By using continuous jobs, devices that join the group receive the job execution even after the job has been created. * **status** *(string) --* The job summary status. * **createdAt** *(datetime) --* The time, in seconds since the epoch, when the job was created. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job was last updated. * **completedAt** *(datetime) --* The time, in seconds since the epoch, when the job completed. * **isConcurrent** *(boolean) --* Indicates whether a job is concurrent. Will be true when a job is rolling out new job executions or canceling previously created executions, otherwise false. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListMetricValues ListMetricValues **************** class IoT.Paginator.ListMetricValues paginator = client.get_paginator('list_metric_values') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_metric_values()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', metricName='string', dimensionName='string', dimensionValueOperator='IN'|'NOT_IN', startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing for which security profile metric values are returned. * **metricName** (*string*) -- **[REQUIRED]** The name of the security profile metric for which values are returned. * **dimensionName** (*string*) -- The dimension name. * **dimensionValueOperator** (*string*) -- The dimension value operator. * **startTime** (*datetime*) -- **[REQUIRED]** The start of the time period for which metric values are returned. * **endTime** (*datetime*) -- **[REQUIRED]** The end of the time period for which metric values are returned. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'metricDatumList': [ { 'timestamp': datetime(2015, 1, 1), 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **metricDatumList** *(list) --* The data the thing reports for the metric during the specified time period. * *(dict) --* A metric. * **timestamp** *(datetime) --* The time the metric value was reported. * **value** *(dict) --* The value reported for the metric. * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCACertificates ListCACertificates ****************** class IoT.Paginator.ListCACertificates paginator = client.get_paginator('list_ca_certificates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_ca_certificates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, templateName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Determines the order of the results. * **templateName** (*string*) -- The name of the provisioning template. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListCACertificates operation. * **certificates** *(list) --* The CA certificates registered in your Amazon Web Services account. * *(dict) --* A CA certificate. * **certificateArn** *(string) --* The ARN of the CA certificate. * **certificateId** *(string) --* The ID of the CA certificate. * **status** *(string) --* The status of the CA certificate. The status value REGISTER_INACTIVE is deprecated and should not be used. * **creationDate** *(datetime) --* The date the CA certificate was created. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListJobExecutionsForJob ListJobExecutionsForJob *********************** class IoT.Paginator.ListJobExecutionsForJob paginator = client.get_paginator('list_job_executions_for_job') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_job_executions_for_job()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( jobId='string', status='QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **status** (*string*) -- The status of the job. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'executionSummaries': [ { 'thingArn': 'string', 'jobExecutionSummary': { 'status': 'QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', 'queuedAt': datetime(2015, 1, 1), 'startedAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'executionNumber': 123, 'retryAttempt': 123 } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **executionSummaries** *(list) --* A list of job execution summaries. * *(dict) --* Contains a summary of information about job executions for a specific job. * **thingArn** *(string) --* The ARN of the thing on which the job execution is running. * **jobExecutionSummary** *(dict) --* Contains a subset of information about a job execution. * **status** *(string) --* The status of the job execution. * **queuedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was queued. * **startedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution started. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was last updated. * **executionNumber** *(integer) --* A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information. * **retryAttempt** *(integer) --* The number that indicates how many retry attempts have been completed for this job on this device. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListTargetsForSecurityProfile ListTargetsForSecurityProfile ***************************** class IoT.Paginator.ListTargetsForSecurityProfile paginator = client.get_paginator('list_targets_for_security_profile') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_targets_for_security_profile()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( securityProfileName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **securityProfileName** (*string*) -- **[REQUIRED]** The security profile. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'securityProfileTargets': [ { 'arn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **securityProfileTargets** *(list) --* The thing groups to which the security profile is attached. * *(dict) --* A target to which an alert is sent when a security profile behavior is violated. * **arn** *(string) --* The ARN of the security profile. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListIndices ListIndices *********** class IoT.Paginator.ListIndices paginator = client.get_paginator('list_indices') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_indices()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'indexNames': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **indexNames** *(list) --* The index names. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListFleetMetrics ListFleetMetrics **************** class IoT.Paginator.ListFleetMetrics paginator = client.get_paginator('list_fleet_metrics') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_fleet_metrics()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'fleetMetrics': [ { 'metricName': 'string', 'metricArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **fleetMetrics** *(list) --* The list of fleet metrics objects. * *(dict) --* The name and ARN of a fleet metric. * **metricName** *(string) --* The fleet metric name. * **metricArn** *(string) --* The fleet metric ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListTopicRuleDestinations ListTopicRuleDestinations ************************* class IoT.Paginator.ListTopicRuleDestinations paginator = client.get_paginator('list_topic_rule_destinations') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_topic_rule_destinations()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'destinationSummaries': [ { 'arn': 'string', 'status': 'ENABLED'|'IN_PROGRESS'|'DISABLED'|'ERROR'|'DELETING', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'statusReason': 'string', 'httpUrlSummary': { 'confirmationUrl': 'string' }, 'vpcDestinationSummary': { 'subnetIds': [ 'string', ], 'securityGroups': [ 'string', ], 'vpcId': 'string', 'roleArn': 'string' } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **destinationSummaries** *(list) --* Information about a topic rule destination. * *(dict) --* Information about the topic rule destination. * **arn** *(string) --* The topic rule destination ARN. * **status** *(string) --* The status of the topic rule destination. Valid values are: IN_PROGRESS A topic rule destination was created but has not been confirmed. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. ENABLED Confirmation was completed, and traffic to this destination is allowed. You can set "status" to "DISABLED" by calling "UpdateTopicRuleDestination". DISABLED Confirmation was completed, and traffic to this destination is not allowed. You can set "status" to "ENABLED" by calling "UpdateTopicRuleDestination". ERROR Confirmation could not be completed, for example if the confirmation timed out. You can call "GetTopicRuleDestination" for details about the error. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. * **createdAt** *(datetime) --* The date and time when the topic rule destination was created. * **lastUpdatedAt** *(datetime) --* The date and time when the topic rule destination was last updated. * **statusReason** *(string) --* The reason the topic rule destination is in the current status. * **httpUrlSummary** *(dict) --* Information about the HTTP URL. * **confirmationUrl** *(string) --* The URL used to confirm ownership of or access to the HTTP topic rule destination URL. * **vpcDestinationSummary** *(dict) --* Information about the virtual private cloud (VPC) connection. * **subnetIds** *(list) --* The subnet IDs of the VPC destination. * *(string) --* * **securityGroups** *(list) --* The security groups of the VPC destination. * *(string) --* * **vpcId** *(string) --* The ID of the VPC. * **roleArn** *(string) --* The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingRegistrationTaskReports ListThingRegistrationTaskReports ******************************** class IoT.Paginator.ListThingRegistrationTaskReports paginator = client.get_paginator('list_thing_registration_task_reports') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_registration_task_reports()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( taskId='string', reportType='ERRORS'|'RESULTS', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **taskId** (*string*) -- **[REQUIRED]** The id of the task. * **reportType** (*string*) -- **[REQUIRED]** The type of task report. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'resourceLinks': [ 'string', ], 'reportType': 'ERRORS'|'RESULTS', 'NextToken': 'string' } **Response Structure** * *(dict) --* * **resourceLinks** *(list) --* Links to the task resources. * *(string) --* * **reportType** *(string) --* The type of task report. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPrincipalThings ListPrincipalThings ******************* class IoT.Paginator.ListPrincipalThings paginator = client.get_paginator('list_principal_things') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_principal_things()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( principal='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **principal** (*string*) -- **[REQUIRED]** The principal. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'things': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListPrincipalThings operation. * **things** *(list) --* The things. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThings ListThings ********** class IoT.Paginator.ListThings paginator = client.get_paginator('list_things') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_things()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( attributeName='string', attributeValue='string', thingTypeName='string', usePrefixAttributeValue=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **attributeName** (*string*) -- The attribute name used to search for things. * **attributeValue** (*string*) -- The attribute value used to search for things. * **thingTypeName** (*string*) -- The name of the thing type used to search for things. * **usePrefixAttributeValue** (*boolean*) -- When "true", the action returns the thing resources with attribute values that start with the "attributeValue" provided. When "false", or not present, the action returns only the thing resources with attribute values that match the entire "attributeValue" provided. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'things': [ { 'thingName': 'string', 'thingTypeName': 'string', 'thingArn': 'string', 'attributes': { 'string': 'string' }, 'version': 123 }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListThings operation. * **things** *(list) --* The things. * *(dict) --* The properties of the thing, including thing name, thing type name, and a list of thing attributes. * **thingName** *(string) --* The name of the thing. * **thingTypeName** *(string) --* The name of the thing type, if the thing has been associated with a type. * **thingArn** *(string) --* The thing ARN. * **attributes** *(dict) --* A list of thing attributes which are name-value pairs. * *(string) --* * *(string) --* * **version** *(integer) --* The version of the thing record in the registry. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingPrincipalsV2 ListThingPrincipalsV2 ********************* class IoT.Paginator.ListThingPrincipalsV2 paginator = client.get_paginator('list_thing_principals_v2') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_principals_v2()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', thingPrincipalType='EXCLUSIVE_THING'|'NON_EXCLUSIVE_THING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing. * **thingPrincipalType** (*string*) -- The type of the relation you want to filter in the response. If no value is provided in this field, the response will list all principals, including both the "EXCLUSIVE_THING" and "NON_EXCLUSIVE_THING" attachment types. * "EXCLUSIVE_THING" - Attaches the specified principal to the specified thing, exclusively. The thing will be the only thing that’s attached to the principal. * "NON_EXCLUSIVE_THING" - Attaches the specified principal to the specified thing. Multiple things can be attached to the principal. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'thingPrincipalObjects': [ { 'principal': 'string', 'thingPrincipalType': 'EXCLUSIVE_THING'|'NON_EXCLUSIVE_THING' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **thingPrincipalObjects** *(list) --* A list of "thingPrincipalObject" that represents the principal and the type of relation it has with the thing. * *(dict) --* An object that represents the principal and the type of relation it has with the thing. * **principal** *(string) --* The principal of the thing principal object. * **thingPrincipalType** *(string) --* The type of the relation you want to specify when you attach a principal to a thing. The value defaults to "NON_EXCLUSIVE_THING". * "EXCLUSIVE_THING" - Attaches the specified principal to the specified thing, exclusively. The thing will be the only thing that’s attached to the principal. * "NON_EXCLUSIVE_THING" - Attaches the specified principal to the specified thing. Multiple things can be attached to the principal. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListV2LoggingLevels ListV2LoggingLevels ******************* class IoT.Paginator.ListV2LoggingLevels paginator = client.get_paginator('list_v2_logging_levels') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_v2_logging_levels()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( targetType='DEFAULT'|'THING_GROUP'|'CLIENT_ID'|'SOURCE_IP'|'PRINCIPAL_ID', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **targetType** (*string*) -- The type of resource for which you are configuring logging. Must be "THING_Group". * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'logTargetConfigurations': [ { 'logTarget': { 'targetType': 'DEFAULT'|'THING_GROUP'|'CLIENT_ID'|'SOURCE_IP'|'PRINCIPAL_ID', 'targetName': 'string' }, 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **logTargetConfigurations** *(list) --* The logging configuration for a target. * *(dict) --* The target configuration. * **logTarget** *(dict) --* A log target * **targetType** *(string) --* The target type. * **targetName** *(string) --* The target name. * **logLevel** *(string) --* The logging level. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListCommands ListCommands ************ class IoT.Paginator.ListCommands paginator = client.get_paginator('list_commands') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_commands()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( namespace='AWS-IoT'|'AWS-IoT-FleetWise', commandParameterName='string', sortOrder='ASCENDING'|'DESCENDING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **namespace** (*string*) -- The namespace of the command. By default, the API returns all commands that have been created for both "AWS-IoT" and "AWS-IoT-FleetWise" namespaces. You can override this default value if you want to return all commands that have been created only for a specific namespace. * **commandParameterName** (*string*) -- A filter that can be used to display the list of commands that have a specific command parameter name. * **sortOrder** (*string*) -- Specify whether to list the commands that you have created in the ascending or descending order. By default, the API returns all commands in the descending order based on the time that they were created. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'commands': [ { 'commandArn': 'string', 'commandId': 'string', 'displayName': 'string', 'deprecated': True|False, 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'pendingDeletion': True|False }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **commands** *(list) --* The list of commands. * *(dict) --* Summary information about a particular command resource. * **commandArn** *(string) --* The Amazon Resource Name (ARN) of the command. * **commandId** *(string) --* The unique identifier of the command. * **displayName** *(string) --* The display name of the command. * **deprecated** *(boolean) --* Indicates whether the command has been deprecated. * **createdAt** *(datetime) --* The timestamp, when the command was created. * **lastUpdatedAt** *(datetime) --* The timestamp, when the command was last updated. * **pendingDeletion** *(boolean) --* Indicates whether the command is pending deletion. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPackages ListPackages ************ class IoT.Paginator.ListPackages paginator = client.get_paginator('list_packages') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_packages()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'packageSummaries': [ { 'packageName': 'string', 'defaultVersionName': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **packageSummaries** *(list) --* The software package summary. * *(dict) --* A summary of information about a software package. * **packageName** *(string) --* The name for the target software package. * **defaultVersionName** *(string) --* The name of the default package version. * **creationDate** *(datetime) --* The date that the package was created. * **lastModifiedDate** *(datetime) --* The date that the package was last updated. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListBillingGroups ListBillingGroups ***************** class IoT.Paginator.ListBillingGroups paginator = client.get_paginator('list_billing_groups') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_billing_groups()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( namePrefixFilter='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **namePrefixFilter** (*string*) -- Limit the results to billing groups whose names have the given prefix. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'billingGroups': [ { 'groupName': 'string', 'groupArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **billingGroups** *(list) --* The list of billing groups. * *(dict) --* The name and ARN of a group. * **groupName** *(string) --* The group name. * **groupArn** *(string) --* The group ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListSecurityProfilesForTarget ListSecurityProfilesForTarget ***************************** class IoT.Paginator.ListSecurityProfilesForTarget paginator = client.get_paginator('list_security_profiles_for_target') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_security_profiles_for_target()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( recursive=True|False, securityProfileTargetArn='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **recursive** (*boolean*) -- If true, return child groups too. * **securityProfileTargetArn** (*string*) -- **[REQUIRED]** The ARN of the target (thing group) whose attached security profiles you want to get. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'securityProfileTargetMappings': [ { 'securityProfileIdentifier': { 'name': 'string', 'arn': 'string' }, 'target': { 'arn': 'string' } }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **securityProfileTargetMappings** *(list) --* A list of security profiles and their associated targets. * *(dict) --* Information about a security profile and the target associated with it. * **securityProfileIdentifier** *(dict) --* Information that identifies the security profile. * **name** *(string) --* The name you've given to the security profile. * **arn** *(string) --* The ARN of the security profile. * **target** *(dict) --* Information about the target (thing group) associated with the security profile. * **arn** *(string) --* The ARN of the security profile. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListOutgoingCertificates ListOutgoingCertificates ************************ class IoT.Paginator.ListOutgoingCertificates paginator = client.get_paginator('list_outgoing_certificates') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_outgoing_certificates()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Specifies the order for results. If True, the results are returned in ascending order, based on the creation date. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'outgoingCertificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'transferredTo': 'string', 'transferDate': datetime(2015, 1, 1), 'transferMessage': 'string', 'creationDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListOutgoingCertificates operation. * **outgoingCertificates** *(list) --* The certificates that are being transferred but not yet accepted. * *(dict) --* A certificate that has been transferred but not yet accepted. * **certificateArn** *(string) --* The certificate ARN. * **certificateId** *(string) --* The certificate ID. * **transferredTo** *(string) --* The Amazon Web Services account to which the transfer was made. * **transferDate** *(datetime) --* The date the transfer was initiated. * **transferMessage** *(string) --* The transfer message. * **creationDate** *(datetime) --* The certificate creation date. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListScheduledAudits ListScheduledAudits ******************* class IoT.Paginator.ListScheduledAudits paginator = client.get_paginator('list_scheduled_audits') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_scheduled_audits()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'scheduledAudits': [ { 'scheduledAuditName': 'string', 'scheduledAuditArn': 'string', 'frequency': 'DAILY'|'WEEKLY'|'BIWEEKLY'|'MONTHLY', 'dayOfMonth': 'string', 'dayOfWeek': 'SUN'|'MON'|'TUE'|'WED'|'THU'|'FRI'|'SAT' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **scheduledAudits** *(list) --* The list of scheduled audits. * *(dict) --* Information about the scheduled audit. * **scheduledAuditName** *(string) --* The name of the scheduled audit. * **scheduledAuditArn** *(string) --* The ARN of the scheduled audit. * **frequency** *(string) --* How often the scheduled audit occurs. * **dayOfMonth** *(string) --* The day of the month on which the scheduled audit is run (if the "frequency" is "MONTHLY"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the "LAST" day of the month. * **dayOfWeek** *(string) --* The day of the week on which the scheduled audit is run (if the "frequency" is "WEEKLY" or "BIWEEKLY"). * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAttachedPolicies ListAttachedPolicies ******************** class IoT.Paginator.ListAttachedPolicies paginator = client.get_paginator('list_attached_policies') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_attached_policies()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( target='string', recursive=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **target** (*string*) -- **[REQUIRED]** The group or principal for which the policies will be listed. Valid principals are CertificateArn (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and CognitoId (*region*:*id*). * **recursive** (*boolean*) -- When true, recursively list attached policies. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'policies': [ { 'policyName': 'string', 'policyArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **policies** *(list) --* The policies. * *(dict) --* Describes an IoT policy. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingGroupsForThing ListThingGroupsForThing *********************** class IoT.Paginator.ListThingGroupsForThing paginator = client.get_paginator('list_thing_groups_for_thing') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_groups_for_thing()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( thingName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The thing name. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'thingGroups': [ { 'groupName': 'string', 'groupArn': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **thingGroups** *(list) --* The thing groups. * *(dict) --* The name and ARN of a group. * **groupName** *(string) --* The group name. * **groupArn** *(string) --* The group ARN. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAuditMitigationActionsExecutions ListAuditMitigationActionsExecutions ************************************ class IoT.Paginator.ListAuditMitigationActionsExecutions paginator = client.get_paginator('list_audit_mitigation_actions_executions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_audit_mitigation_actions_executions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( taskId='string', actionStatus='IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED'|'SKIPPED'|'PENDING', findingId='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **taskId** (*string*) -- **[REQUIRED]** Specify this filter to limit results to actions for a specific audit mitigation actions task. * **actionStatus** (*string*) -- Specify this filter to limit results to those with a specific status. * **findingId** (*string*) -- **[REQUIRED]** Specify this filter to limit results to those that were applied to a specific audit finding. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'actionsExecutions': [ { 'taskId': 'string', 'findingId': 'string', 'actionName': 'string', 'actionId': 'string', 'status': 'IN_PROGRESS'|'COMPLETED'|'FAILED'|'CANCELED'|'SKIPPED'|'PENDING', 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1), 'errorCode': 'string', 'message': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **actionsExecutions** *(list) --* A set of task execution results based on the input parameters. Details include the mitigation action applied, start time, and task status. * *(dict) --* Returned by ListAuditMitigationActionsTask, this object contains information that describes a mitigation action that has been started. * **taskId** *(string) --* The unique identifier for the task that applies the mitigation action. * **findingId** *(string) --* The unique identifier for the findings to which the task and associated mitigation action are applied. * **actionName** *(string) --* The friendly name of the mitigation action being applied by the task. * **actionId** *(string) --* The unique identifier for the mitigation action being applied by the task. * **status** *(string) --* The current status of the task being executed. * **startTime** *(datetime) --* The date and time when the task was started. * **endTime** *(datetime) --* The date and time when the task was completed or canceled. Blank if the task is still running. * **errorCode** *(string) --* If an error occurred, the code that indicates which type of error occurred. * **message** *(string) --* If an error occurred, a message that describes the error. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPackageVersions ListPackageVersions ******************* class IoT.Paginator.ListPackageVersions paginator = client.get_paginator('list_package_versions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_package_versions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( packageName='string', status='DRAFT'|'PUBLISHED'|'DEPRECATED', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the target software package. * **status** (*string*) -- The status of the package version. For more information, see Package version lifecycle. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'packageVersionSummaries': [ { 'packageName': 'string', 'versionName': 'string', 'status': 'DRAFT'|'PUBLISHED'|'DEPRECATED', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **packageVersionSummaries** *(list) --* Lists the package versions associated to the package. * *(dict) --* A summary of information about a package version. * **packageName** *(string) --* The name of the associated software package. * **versionName** *(string) --* The name of the target package version. * **status** *(string) --* The status of the package version. For more information, see Package version lifecycle. * **creationDate** *(datetime) --* The date that the package version was created. * **lastModifiedDate** *(datetime) --* The date that the package version was last updated. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListDetectMitigationActionsExecutions ListDetectMitigationActionsExecutions ************************************* class IoT.Paginator.ListDetectMitigationActionsExecutions paginator = client.get_paginator('list_detect_mitigation_actions_executions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_detect_mitigation_actions_executions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( taskId='string', violationId='string', thingName='string', startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **taskId** (*string*) -- The unique identifier of the task. * **violationId** (*string*) -- The unique identifier of the violation. * **thingName** (*string*) -- The name of the thing whose mitigation actions are listed. * **startTime** (*datetime*) -- A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **endTime** (*datetime*) -- The end of the time period for which ML Detect mitigation actions executions are returned. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'actionsExecutions': [ { 'taskId': 'string', 'violationId': 'string', 'actionName': 'string', 'thingName': 'string', 'executionStartDate': datetime(2015, 1, 1), 'executionEndDate': datetime(2015, 1, 1), 'status': 'IN_PROGRESS'|'SUCCESSFUL'|'FAILED'|'SKIPPED', 'errorCode': 'string', 'message': 'string' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **actionsExecutions** *(list) --* List of actions executions. * *(dict) --* Describes which mitigation actions should be executed. * **taskId** *(string) --* The unique identifier of the task. * **violationId** *(string) --* The unique identifier of the violation. * **actionName** *(string) --* The friendly name that uniquely identifies the mitigation action. * **thingName** *(string) --* The name of the thing. * **executionStartDate** *(datetime) --* The date a mitigation action was started. * **executionEndDate** *(datetime) --* The date a mitigation action ended. * **status** *(string) --* The status of a mitigation action. * **errorCode** *(string) --* The error code of a mitigation action. * **message** *(string) --* The message of a mitigation action. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListAuditFindings ListAuditFindings ***************** class IoT.Paginator.ListAuditFindings paginator = client.get_paginator('list_audit_findings') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_audit_findings()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( taskId='string', checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), listSuppressedFindings=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **taskId** (*string*) -- A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both. * **checkName** (*string*) -- A filter to limit results to the findings for the specified audit check. * **resourceIdentifier** (*dict*) -- Information identifying the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **startTime** (*datetime*) -- A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **endTime** (*datetime*) -- A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **listSuppressedFindings** (*boolean*) -- Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn't provided, the response will list both suppressed and unsuppressed findings. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'findings': [ { 'findingId': 'string', 'taskId': 'string', 'checkName': 'string', 'taskStartTime': datetime(2015, 1, 1), 'findingTime': datetime(2015, 1, 1), 'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW', 'nonCompliantResource': { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, 'relatedResources': [ { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, ], 'reasonForNonCompliance': 'string', 'reasonForNonComplianceCode': 'string', 'isSuppressed': True|False }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **findings** *(list) --* The findings (results) of the audit. * *(dict) --* The findings (results) of the audit. * **findingId** *(string) --* A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings. * **taskId** *(string) --* The ID of the audit that generated this result (finding). * **checkName** *(string) --* The audit check that generated this result. * **taskStartTime** *(datetime) --* The time the audit started. * **findingTime** *(datetime) --* The time the result (finding) was discovered. * **severity** *(string) --* The severity of the result (finding). * **nonCompliantResource** *(dict) --* The resource that was found to be noncompliant with the audit check. * **resourceType** *(string) --* The type of the noncompliant resource. * **resourceIdentifier** *(dict) --* Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **additionalInfo** *(dict) --* Other information about the noncompliant resource. * *(string) --* * *(string) --* * **relatedResources** *(list) --* The list of related resources. * *(dict) --* Information about a related resource. * **resourceType** *(string) --* The type of resource. * **resourceIdentifier** *(dict) --* Information that identifies the resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **additionalInfo** *(dict) --* Other information about the resource. * *(string) --* * *(string) --* * **reasonForNonCompliance** *(string) --* The reason the resource was noncompliant. * **reasonForNonComplianceCode** *(string) --* A code that indicates the reason that the resource was noncompliant. * **isSuppressed** *(boolean) --* Indicates whether the audit finding was suppressed or not during reporting. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListRoleAliases ListRoleAliases *************** class IoT.Paginator.ListRoleAliases paginator = client.get_paginator('list_role_aliases') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_role_aliases()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ascendingOrder=True|False, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ascendingOrder** (*boolean*) -- Return the list of role aliases in ascending alphabetical order. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'roleAliases': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **roleAliases** *(list) --* The role aliases. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingRegistrationTasks ListThingRegistrationTasks ************************** class IoT.Paginator.ListThingRegistrationTasks paginator = client.get_paginator('list_thing_registration_tasks') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_thing_registration_tasks()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( status='InProgress'|'Completed'|'Failed'|'Cancelled'|'Cancelling', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **status** (*string*) -- The status of the bulk thing provisioning task. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'taskIds': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **taskIds** *(list) --* A list of bulk thing provisioning task IDs. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListPrincipalThingsV2 ListPrincipalThingsV2 ********************* class IoT.Paginator.ListPrincipalThingsV2 paginator = client.get_paginator('list_principal_things_v2') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_principal_things_v2()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( principal='string', thingPrincipalType='EXCLUSIVE_THING'|'NON_EXCLUSIVE_THING', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **principal** (*string*) -- **[REQUIRED]** The principal. A principal can be an X.509 certificate or an Amazon Cognito ID. * **thingPrincipalType** (*string*) -- The type of the relation you want to filter in the response. If no value is provided in this field, the response will list all things, including both the "EXCLUSIVE_THING" and "NON_EXCLUSIVE_THING" attachment types. * "EXCLUSIVE_THING" - Attaches the specified principal to the specified thing, exclusively. The thing will be the only thing that’s attached to the principal. * "NON_EXCLUSIVE_THING" - Attaches the specified principal to the specified thing. Multiple things can be attached to the principal. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'principalThingObjects': [ { 'thingName': 'string', 'thingPrincipalType': 'EXCLUSIVE_THING'|'NON_EXCLUSIVE_THING' }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **principalThingObjects** *(list) --* A list of "thingPrincipalObject" that represents the principal and the type of relation it has with the thing. * *(dict) --* An object that represents the thing and the type of relation it has with the principal. * **thingName** *(string) --* The name of the thing. * **thingPrincipalType** *(string) --* The type of the relation you want to specify when you attach a principal to a thing. The value defaults to "NON_EXCLUSIVE_THING". * "EXCLUSIVE_THING" - Attaches the specified principal to the specified thing, exclusively. The thing will be the only thing that’s attached to the principal. * "NON_EXCLUSIVE_THING" - Attaches the specified principal to the specified thing. Multiple things can be attached to the principal. * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListDimensions ListDimensions ************** class IoT.Paginator.ListDimensions paginator = client.get_paginator('list_dimensions') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_dimensions()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'dimensionNames': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **dimensionNames** *(list) --* A list of the names of the defined dimensions. Use "DescribeDimension" to get details for a dimension. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Paginator / ListThingsInBillingGroup ListThingsInBillingGroup ************************ class IoT.Paginator.ListThingsInBillingGroup paginator = client.get_paginator('list_things_in_billing_group') paginate(**kwargs) Creates an iterator that will paginate through responses from "IoT.Client.list_things_in_billing_group()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( billingGroupName='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **billingGroupName** (*string*) -- **[REQUIRED]** The name of the billing group. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'things': [ 'string', ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **things** *(list) --* A list of things in the billing group. * *(string) --* * **NextToken** *(string) --* A token to resume pagination. IoT / Client / delete_job delete_job ********** IoT.Client.delete_job(**kwargs) Deletes a job and its related job executions. Deleting a job may take time, depending on the number of job executions created for the job and various other factors. While the job is being deleted, the status of the job will be shown as "DELETION_IN_PROGRESS". Attempting to delete or cancel a job whose status is already "DELETION_IN_PROGRESS" will result in an error. Only 10 jobs may have status "DELETION_IN_PROGRESS" at the same time, or a LimitExceededException will occur. Requires permission to access the DeleteJob action. See also: AWS API Documentation **Request Syntax** response = client.delete_job( jobId='string', force=True|False, namespaceId='string' ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The ID of the job to be deleted. After a job deletion is completed, you may reuse this jobId when you create a new job. However, this is not recommended, and you must ensure that your devices are not using the jobId to refer to the deleted job. * **force** (*boolean*) -- (Optional) When true, you can delete a job which is "IN_PROGRESS". Otherwise, you can only delete a job which is in a terminal state ("COMPLETED" or "CANCELED") or an exception will occur. The default is false. Note: Deleting a job which is "IN_PROGRESS", will cause a device which is executing the job to be unable to access job information or update the job execution status. Use caution and ensure that each device executing a job which is deleted is able to recover to a valid state. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. Returns: None **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InvalidStateTransitionException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / create_security_profile create_security_profile *********************** IoT.Client.create_security_profile(**kwargs) Creates a Device Defender security profile. Requires permission to access the CreateSecurityProfile action. See also: AWS API Documentation **Request Syntax** response = client.create_security_profile( securityProfileName='string', securityProfileDescription='string', behaviors=[ { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, ], alertTargets={ 'string': { 'alertTargetArn': 'string', 'roleArn': 'string' } }, additionalMetricsToRetain=[ 'string', ], additionalMetricsToRetainV2=[ { 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'exportMetric': True|False }, ], tags=[ { 'Key': 'string', 'Value': 'string' }, ], metricsExportConfig={ 'mqttTopic': 'string', 'roleArn': 'string' } ) Parameters: * **securityProfileName** (*string*) -- **[REQUIRED]** The name you are giving to the security profile. * **securityProfileDescription** (*string*) -- A description of the security profile. * **behaviors** (*list*) -- Specifies the behaviors that, when violated by a device (thing), cause an alert. * *(dict) --* A Device Defender security profile behavior. * **name** *(string) --* **[REQUIRED]** The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* **[REQUIRED]** A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr-set" * "number": "less-than", "less-than-equals", "greater- than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* **[REQUIRED]** The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **alertTargets** (*dict*) -- Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior. * *(string) --* The type of alert target: one of "SNS". * *(dict) --* A structure containing the alert target ARN and the role ARN. * **alertTargetArn** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) of the notification target to which alerts are sent. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants permission to send alerts to the notification target. * **additionalMetricsToRetain** (*list*) -- Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2 instead. A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's "behaviors", but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions. * *(string) --* * **additionalMetricsToRetainV2** (*list*) -- A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's "behaviors", but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions. * *(dict) --* The metric you want to retain. Dimensions are optional. * **metric** *(string) --* **[REQUIRED]** What is measured by the behavior. * **metricDimension** *(dict) --* The dimension of a metric. This can't be used with custom metrics. * **dimensionName** *(string) --* **[REQUIRED]** A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **exportMetric** *(boolean) --* The value indicates exporting metrics related to the "MetricToRetain" when it's true. * **tags** (*list*) -- Metadata that can be used to manage the security profile. * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* **[REQUIRED]** The tag's key. * **Value** *(string) --* The tag's value. * **metricsExportConfig** (*dict*) -- Specifies the MQTT topic and role ARN required for metric export. * **mqttTopic** *(string) --* **[REQUIRED]** The MQTT topic that Device Defender Detect should publish messages to for metrics export. * **roleArn** *(string) --* **[REQUIRED]** This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf. Return type: dict Returns: **Response Syntax** { 'securityProfileName': 'string', 'securityProfileArn': 'string' } **Response Structure** * *(dict) --* * **securityProfileName** *(string) --* The name you gave to the security profile. * **securityProfileArn** *(string) --* The ARN of the security profile. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_topic_rule get_topic_rule ************** IoT.Client.get_topic_rule(**kwargs) Gets information about the rule. Requires permission to access the GetTopicRule action. See also: AWS API Documentation **Request Syntax** response = client.get_topic_rule( ruleName='string' ) Parameters: **ruleName** (*string*) -- **[REQUIRED]** The name of the rule. Return type: dict Returns: **Response Syntax** { 'ruleArn': 'string', 'rule': { 'ruleName': 'string', 'sql': 'string', 'description': 'string', 'createdAt': datetime(2015, 1, 1), 'actions': [ { 'dynamoDB': { 'tableName': 'string', 'roleArn': 'string', 'operation': 'string', 'hashKeyField': 'string', 'hashKeyValue': 'string', 'hashKeyType': 'STRING'|'NUMBER', 'rangeKeyField': 'string', 'rangeKeyValue': 'string', 'rangeKeyType': 'STRING'|'NUMBER', 'payloadField': 'string' }, 'dynamoDBv2': { 'roleArn': 'string', 'putItem': { 'tableName': 'string' } }, 'lambda': { 'functionArn': 'string' }, 'sns': { 'targetArn': 'string', 'roleArn': 'string', 'messageFormat': 'RAW'|'JSON' }, 'sqs': { 'roleArn': 'string', 'queueUrl': 'string', 'useBase64': True|False }, 'kinesis': { 'roleArn': 'string', 'streamName': 'string', 'partitionKey': 'string' }, 'republish': { 'roleArn': 'string', 'topic': 'string', 'qos': 123, 'headers': { 'payloadFormatIndicator': 'string', 'contentType': 'string', 'responseTopic': 'string', 'correlationData': 'string', 'messageExpiry': 'string', 'userProperties': [ { 'key': 'string', 'value': 'string' }, ] } }, 's3': { 'roleArn': 'string', 'bucketName': 'string', 'key': 'string', 'cannedAcl': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'|'log-delivery-write' }, 'firehose': { 'roleArn': 'string', 'deliveryStreamName': 'string', 'separator': 'string', 'batchMode': True|False }, 'cloudwatchMetric': { 'roleArn': 'string', 'metricNamespace': 'string', 'metricName': 'string', 'metricValue': 'string', 'metricUnit': 'string', 'metricTimestamp': 'string' }, 'cloudwatchAlarm': { 'roleArn': 'string', 'alarmName': 'string', 'stateReason': 'string', 'stateValue': 'string' }, 'cloudwatchLogs': { 'roleArn': 'string', 'logGroupName': 'string', 'batchMode': True|False }, 'elasticsearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'salesforce': { 'token': 'string', 'url': 'string' }, 'iotAnalytics': { 'channelArn': 'string', 'channelName': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotEvents': { 'inputName': 'string', 'messageId': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotSiteWise': { 'putAssetPropertyValueEntries': [ { 'entryId': 'string', 'assetId': 'string', 'propertyId': 'string', 'propertyAlias': 'string', 'propertyValues': [ { 'value': { 'stringValue': 'string', 'integerValue': 'string', 'doubleValue': 'string', 'booleanValue': 'string' }, 'timestamp': { 'timeInSeconds': 'string', 'offsetInNanos': 'string' }, 'quality': 'string' }, ] }, ], 'roleArn': 'string' }, 'stepFunctions': { 'executionNamePrefix': 'string', 'stateMachineName': 'string', 'roleArn': 'string' }, 'timestream': { 'roleArn': 'string', 'databaseName': 'string', 'tableName': 'string', 'dimensions': [ { 'name': 'string', 'value': 'string' }, ], 'timestamp': { 'value': 'string', 'unit': 'string' } }, 'http': { 'url': 'string', 'confirmationUrl': 'string', 'headers': [ { 'key': 'string', 'value': 'string' }, ], 'auth': { 'sigv4': { 'signingRegion': 'string', 'serviceName': 'string', 'roleArn': 'string' } } }, 'kafka': { 'destinationArn': 'string', 'topic': 'string', 'key': 'string', 'partition': 'string', 'clientProperties': { 'string': 'string' }, 'headers': [ { 'key': 'string', 'value': 'string' }, ] }, 'openSearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'location': { 'roleArn': 'string', 'trackerName': 'string', 'deviceId': 'string', 'timestamp': { 'value': 'string', 'unit': 'string' }, 'latitude': 'string', 'longitude': 'string' } }, ], 'ruleDisabled': True|False, 'awsIotSqlVersion': 'string', 'errorAction': { 'dynamoDB': { 'tableName': 'string', 'roleArn': 'string', 'operation': 'string', 'hashKeyField': 'string', 'hashKeyValue': 'string', 'hashKeyType': 'STRING'|'NUMBER', 'rangeKeyField': 'string', 'rangeKeyValue': 'string', 'rangeKeyType': 'STRING'|'NUMBER', 'payloadField': 'string' }, 'dynamoDBv2': { 'roleArn': 'string', 'putItem': { 'tableName': 'string' } }, 'lambda': { 'functionArn': 'string' }, 'sns': { 'targetArn': 'string', 'roleArn': 'string', 'messageFormat': 'RAW'|'JSON' }, 'sqs': { 'roleArn': 'string', 'queueUrl': 'string', 'useBase64': True|False }, 'kinesis': { 'roleArn': 'string', 'streamName': 'string', 'partitionKey': 'string' }, 'republish': { 'roleArn': 'string', 'topic': 'string', 'qos': 123, 'headers': { 'payloadFormatIndicator': 'string', 'contentType': 'string', 'responseTopic': 'string', 'correlationData': 'string', 'messageExpiry': 'string', 'userProperties': [ { 'key': 'string', 'value': 'string' }, ] } }, 's3': { 'roleArn': 'string', 'bucketName': 'string', 'key': 'string', 'cannedAcl': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'|'log-delivery-write' }, 'firehose': { 'roleArn': 'string', 'deliveryStreamName': 'string', 'separator': 'string', 'batchMode': True|False }, 'cloudwatchMetric': { 'roleArn': 'string', 'metricNamespace': 'string', 'metricName': 'string', 'metricValue': 'string', 'metricUnit': 'string', 'metricTimestamp': 'string' }, 'cloudwatchAlarm': { 'roleArn': 'string', 'alarmName': 'string', 'stateReason': 'string', 'stateValue': 'string' }, 'cloudwatchLogs': { 'roleArn': 'string', 'logGroupName': 'string', 'batchMode': True|False }, 'elasticsearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'salesforce': { 'token': 'string', 'url': 'string' }, 'iotAnalytics': { 'channelArn': 'string', 'channelName': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotEvents': { 'inputName': 'string', 'messageId': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotSiteWise': { 'putAssetPropertyValueEntries': [ { 'entryId': 'string', 'assetId': 'string', 'propertyId': 'string', 'propertyAlias': 'string', 'propertyValues': [ { 'value': { 'stringValue': 'string', 'integerValue': 'string', 'doubleValue': 'string', 'booleanValue': 'string' }, 'timestamp': { 'timeInSeconds': 'string', 'offsetInNanos': 'string' }, 'quality': 'string' }, ] }, ], 'roleArn': 'string' }, 'stepFunctions': { 'executionNamePrefix': 'string', 'stateMachineName': 'string', 'roleArn': 'string' }, 'timestream': { 'roleArn': 'string', 'databaseName': 'string', 'tableName': 'string', 'dimensions': [ { 'name': 'string', 'value': 'string' }, ], 'timestamp': { 'value': 'string', 'unit': 'string' } }, 'http': { 'url': 'string', 'confirmationUrl': 'string', 'headers': [ { 'key': 'string', 'value': 'string' }, ], 'auth': { 'sigv4': { 'signingRegion': 'string', 'serviceName': 'string', 'roleArn': 'string' } } }, 'kafka': { 'destinationArn': 'string', 'topic': 'string', 'key': 'string', 'partition': 'string', 'clientProperties': { 'string': 'string' }, 'headers': [ { 'key': 'string', 'value': 'string' }, ] }, 'openSearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'location': { 'roleArn': 'string', 'trackerName': 'string', 'deviceId': 'string', 'timestamp': { 'value': 'string', 'unit': 'string' }, 'latitude': 'string', 'longitude': 'string' } } } } **Response Structure** * *(dict) --* The output from the GetTopicRule operation. * **ruleArn** *(string) --* The rule ARN. * **rule** *(dict) --* The rule. * **ruleName** *(string) --* The name of the rule. * **sql** *(string) --* The SQL statement used to query the topic. When using a SQL query with multiple lines, be sure to escape the newline characters. * **description** *(string) --* The description of the rule. * **createdAt** *(datetime) --* The date and time the rule was created. * **actions** *(list) --* The actions associated with the rule. * *(dict) --* Describes the actions associated with a rule. * **dynamoDB** *(dict) --* Write to a DynamoDB table. * **tableName** *(string) --* The name of the DynamoDB table. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the DynamoDB table. * **operation** *(string) --* The type of operation to be performed. This follows the substitution template, so it can be "${operation}", but the substitution must result in one of the following: "INSERT", "UPDATE", or "DELETE". * **hashKeyField** *(string) --* The hash key name. * **hashKeyValue** *(string) --* The hash key value. * **hashKeyType** *(string) --* The hash key type. Valid values are "STRING" or "NUMBER" * **rangeKeyField** *(string) --* The range key name. * **rangeKeyValue** *(string) --* The range key value. * **rangeKeyType** *(string) --* The range key type. Valid values are "STRING" or "NUMBER" * **payloadField** *(string) --* The action payload. This name can be customized. * **dynamoDBv2** *(dict) --* Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the DynamoDB table. * **putItem** *(dict) --* Specifies the DynamoDB table to which the message data will be written. For example: "{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my- role" "putItem": { "tableName": "my-table" } } }" Each attribute in the message payload will be written to a separate column in the DynamoDB database. * **tableName** *(string) --* The table where the message data will be written. * **lambda** *(dict) --* Invoke a Lambda function. * **functionArn** *(string) --* The ARN of the Lambda function. * **sns** *(dict) --* Publish to an Amazon SNS topic. * **targetArn** *(string) --* The ARN of the SNS topic. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **messageFormat** *(string) --* (Optional) The message format of the message to publish. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see https://docs.aws.amazon.com/sns/latest/dg/json- formats.html refer to their official documentation. * **sqs** *(dict) --* Publish to an Amazon SQS queue. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **queueUrl** *(string) --* The URL of the Amazon SQS queue. * **useBase64** *(boolean) --* Specifies whether to use Base64 encoding. * **kinesis** *(dict) --* Write data to an Amazon Kinesis stream. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the Amazon Kinesis stream. * **streamName** *(string) --* The name of the Amazon Kinesis stream. * **partitionKey** *(string) --* The partition key. * **republish** *(dict) --* Publish to another MQTT topic. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **topic** *(string) --* The name of the MQTT topic. * **qos** *(integer) --* The Quality of Service (QoS) level to use when republishing messages. The default value is 0. * **headers** *(dict) --* MQTT Version 5.0 headers information. For more information, see MQTT from the Amazon Web Services IoT Core Developer Guide. * **payloadFormatIndicator** *(string) --* An "Enum" string value that indicates whether the payload is formatted as UTF-8. Valid values are "UNSPECIFIED_BYTES" and "UTF8_DATA". For more information, see Payload Format Indicator from the MQTT Version 5.0 specification. Supports substitution templates. * **contentType** *(string) --* A UTF-8 encoded string that describes the content of the publishing message. For more information, see Content Type from the MQTT Version 5.0 specification. Supports substitution templates. * **responseTopic** *(string) --* A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic which the receiver should publish to as part of the request-response flow. The topic must not contain wildcard characters. For more information, see Response Topic from the MQTT Version 5.0 specification. Supports substitution templates. * **correlationData** *(string) --* The base64-encoded binary data used by the sender of the request message to identify which request the response message is for when it's received. For more information, see Correlation Data from the MQTT Version 5.0 specification. Note: This binary data must be based64-encoded. Supports substitution templates. * **messageExpiry** *(string) --* A user-defined integer value that will persist a message at the message broker for a specified amount of time to ensure that the message will expire if it's no longer relevant to the subscriber. The value of "messageExpiry" represents the number of seconds before it expires. For more information about the limits of "messageExpiry", see Amazon Web Services IoT Core message broker and protocol limits and quotas from the Amazon Web Services Reference Guide. Supports substitution templates. * **userProperties** *(list) --* An array of key-value pairs that you define in the MQTT5 header. * *(dict) --* A key-value pair that you define in the header. Both the key and the value are either literal strings or valid substitution templates. * **key** *(string) --* A key to be specified in "UserProperty". * **value** *(string) --* A value to be specified in "UserProperty". * **s3** *(dict) --* Write to an Amazon S3 bucket. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **bucketName** *(string) --* The Amazon S3 bucket. * **key** *(string) --* The object key. For more information, see Actions, resources, and condition keys for Amazon S3. * **cannedAcl** *(string) --* The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see S3 canned ACLs. * **firehose** *(dict) --* Write to an Amazon Kinesis Firehose stream. * **roleArn** *(string) --* The IAM role that grants access to the Amazon Kinesis Firehose stream. * **deliveryStreamName** *(string) --* The delivery stream name. * **separator** *(string) --* A character separator that will be used to separate records written to the Firehose stream. Valid values are: 'n' (newline), 't' (tab), 'rn' (Windows newline), ',' (comma). * **batchMode** *(boolean) --* Whether to deliver the Kinesis Data Firehose stream as a batch by using PutRecordBatch. The default value is "false". When "batchMode" is "true" and the rule's SQL statement evaluates to an Array, each Array element forms one record in the PutRecordBatch request. The resulting array can't have more than 500 records. * **cloudwatchMetric** *(dict) --* Capture a CloudWatch metric. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch metric. * **metricNamespace** *(string) --* The CloudWatch metric namespace name. * **metricName** *(string) --* The CloudWatch metric name. * **metricValue** *(string) --* The CloudWatch metric value. * **metricUnit** *(string) --* The metric unit supported by CloudWatch. * **metricTimestamp** *(string) --* An optional Unix timestamp. * **cloudwatchAlarm** *(dict) --* Change the state of a CloudWatch alarm. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch alarm. * **alarmName** *(string) --* The CloudWatch alarm name. * **stateReason** *(string) --* The reason for the alarm change. * **stateValue** *(string) --* The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. * **cloudwatchLogs** *(dict) --* Send data to CloudWatch Logs. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch log. * **logGroupName** *(string) --* The CloudWatch log group to which the action sends data. * **batchMode** *(boolean) --* Indicates whether batches of log records will be extracted and uploaded into CloudWatch. Values include "true" or "false" *(default)*. * **elasticsearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. Note: The "Elasticsearch" action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the "OpenSearch" rule action instead. For more information, see OpenSearchAction. * **roleArn** *(string) --* The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* The endpoint of your OpenSearch domain. * **index** *(string) --* The index where you want to store your data. * **type** *(string) --* The type of document you are storing. * **id** *(string) --* The unique identifier for the document you are storing. * **salesforce** *(dict) --* Send a message to a Salesforce IoT Cloud Input Stream. * **token** *(string) --* The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **url** *(string) --* The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **iotAnalytics** *(dict) --* Sends message data to an IoT Analytics channel. * **channelArn** *(string) --* (deprecated) The ARN of the IoT Analytics channel to which message data will be sent. * **channelName** *(string) --* The name of the IoT Analytics channel to which message data will be sent. * **batchMode** *(boolean) --* Whether to process the action as a batch. The default value is "false". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by BatchPutMessage to the IoT Analytics channel. The resulting array can't have more than 100 messages. * **roleArn** *(string) --* The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage). * **iotEvents** *(dict) --* Sends an input to an IoT Events detector. * **inputName** *(string) --* The name of the IoT Events input. * **messageId** *(string) --* The ID of the message. The default "messageId" is a new UUID value. When "batchMode" is "true", you can't specify a "messageId"--a new UUID value will be assigned. Assign a value to this property to ensure that only one input (message) with a given "messageId" will be processed by an IoT Events detector. * **batchMode** *(boolean) --* Whether to process the event actions as a batch. The default value is "false". When "batchMode" is "true", you can't specify a "messageId". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when it's sent to IoT Events by calling BatchPutMessage. The resulting array can't have more than 10 messages. * **roleArn** *(string) --* The ARN of the role that grants IoT permission to send an input to an IoT Events detector. ("Action":"iotevents:BatchPutMessage"). * **iotSiteWise** *(dict) --* Sends data from the MQTT message that triggered the rule to IoT SiteWise asset properties. * **putAssetPropertyValueEntries** *(list) --* A list of asset property value entries. * *(dict) --* An asset property value entry containing the following information. * **entryId** *(string) --* Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID. * **assetId** *(string) --* The ID of the IoT SiteWise asset. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyId** *(string) --* The ID of the asset's property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyAlias** *(string) --* The name of the property alias associated with your asset property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyValues** *(list) --* A list of property values to insert that each contain timestamp, quality, and value (TQV) information. * *(dict) --* An asset property value entry containing the following information. * **value** *(dict) --* The value of the asset property. * **stringValue** *(string) --* Optional. The string value of the value entry. Accepts substitution templates. * **integerValue** *(string) --* Optional. A string that contains the integer value of the value entry. Accepts substitution templates. * **doubleValue** *(string) --* Optional. A string that contains the double value of the value entry. Accepts substitution templates. * **booleanValue** *(string) --* Optional. A string that contains the boolean value ( "true" or "false") of the value entry. Accepts substitution templates. * **timestamp** *(dict) --* The asset property value timestamp. * **timeInSeconds** *(string) --* A string that contains the time in seconds since epoch. Accepts substitution templates. * **offsetInNanos** *(string) --* Optional. A string that contains the nanosecond time offset. Accepts substitution templates. * **quality** *(string) --* Optional. A string that describes the quality of the value. Accepts substitution templates. Must be "GOOD", "BAD", or "UNCERTAIN". * **roleArn** *(string) --* The ARN of the role that grants IoT permission to send an asset property value to IoT SiteWise. ( ""Action": "iotsitewise:BatchPutAssetPropertyValue""). The trust policy can restrict access to specific asset hierarchy paths. * **stepFunctions** *(dict) --* Starts execution of a Step Functions state machine. * **executionNamePrefix** *(string) --* (Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided. * **stateMachineName** *(string) --* The name of the Step Functions state machine whose execution will be started. * **roleArn** *(string) --* The ARN of the role that grants IoT permission to start execution of a state machine ("Action":"states:StartExecution"). * **timestream** *(dict) --* The Timestream rule action writes attributes (measures) from an MQTT message into an Amazon Timestream table. For more information, see the Timestream topic rule action documentation. * **roleArn** *(string) --* The ARN of the role that grants permission to write to the Amazon Timestream database table. * **databaseName** *(string) --* The name of an Amazon Timestream database. * **tableName** *(string) --* The name of the database table into which to write the measure records. * **dimensions** *(list) --* Metadata attributes of the time series that are written in each measure record. * *(dict) --* Metadata attributes of the time series that are written in each measure record. * **name** *(string) --* The metadata dimension name. This is the name of the column in the Amazon Timestream database table record. Dimensions cannot be named: "measure_name", "measure_value", or "time". These names are reserved. Dimension names cannot start with "ts_" or "measure_value" and they cannot contain the colon ( ":") character. * **value** *(string) --* The value to write in this column of the database record. * **timestamp** *(dict) --* Specifies an application-defined value to replace the default value assigned to the Timestream record's timestamp in the "time" column. You can use this property to specify the value and the precision of the Timestream record's timestamp. You can specify a value from the message payload or a value computed by a substitution template. If omitted, the topic rule action assigns the timestamp, in milliseconds, at the time it processed the rule. * **value** *(string) --* An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **http** *(dict) --* Send data to an HTTPS endpoint. * **url** *(string) --* The endpoint URL. If substitution templates are used in the URL, you must also specify a "confirmationUrl". If this is a new destination, a new "TopicRuleDestination" is created if possible. * **confirmationUrl** *(string) --* The URL to which IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL. * **headers** *(list) --* The HTTP headers to send with the message data. * *(dict) --* The HTTP action header. * **key** *(string) --* The HTTP header key. * **value** *(string) --* The HTTP header value. Substitution templates are supported. * **auth** *(dict) --* The authentication method to use when sending data to an HTTPS endpoint. * **sigv4** *(dict) --* Use Sig V4 authorization. For more information, see Signature Version 4 Signing Process. * **signingRegion** *(string) --* The signing region. * **serviceName** *(string) --* The service name to use while signing with Sig V4. * **roleArn** *(string) --* The ARN of the signing role. * **kafka** *(dict) --* Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster. * **destinationArn** *(string) --* The ARN of Kafka action's VPC "TopicRuleDestination". * **topic** *(string) --* The Kafka topic for messages to be sent to the Kafka broker. * **key** *(string) --* The Kafka message key. * **partition** *(string) --* The Kafka message partition. * **clientProperties** *(dict) --* Properties of the Apache Kafka producer client. * *(string) --* * *(string) --* * **headers** *(list) --* The list of Kafka headers that you specify. * *(dict) --* Specifies a Kafka header using key-value pairs when you create a Rule’s Kafka Action. You can use these headers to route data from IoT clients to downstream Kafka clusters without modifying your message payload. For more information about Rule's Kafka action, see Apache Kafka. * **key** *(string) --* The key of the Kafka header. * **value** *(string) --* The value of the Kafka header. * **openSearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. * **roleArn** *(string) --* The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* The endpoint of your OpenSearch domain. * **index** *(string) --* The OpenSearch index where you want to store your data. * **type** *(string) --* The type of document you are storing. * **id** *(string) --* The unique identifier for the document you are storing. * **location** *(dict) --* The Amazon Location Service rule action sends device location updates from an MQTT message to an Amazon Location tracker resource. * **roleArn** *(string) --* The IAM role that grants permission to write to the Amazon Location resource. * **trackerName** *(string) --* The name of the tracker resource in Amazon Location in which the location is updated. * **deviceId** *(string) --* The unique ID of the device providing the location data. * **timestamp** *(dict) --* The time that the location data was sampled. The default value is the time the MQTT message was processed. * **value** *(string) --* An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **latitude** *(string) --* A string that evaluates to a double value that represents the latitude of the device's location. * **longitude** *(string) --* A string that evaluates to a double value that represents the longitude of the device's location. * **ruleDisabled** *(boolean) --* Specifies whether the rule is disabled. * **awsIotSqlVersion** *(string) --* The version of the SQL rules engine to use when evaluating the rule. * **errorAction** *(dict) --* The action to perform when an error occurs. * **dynamoDB** *(dict) --* Write to a DynamoDB table. * **tableName** *(string) --* The name of the DynamoDB table. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the DynamoDB table. * **operation** *(string) --* The type of operation to be performed. This follows the substitution template, so it can be "${operation}", but the substitution must result in one of the following: "INSERT", "UPDATE", or "DELETE". * **hashKeyField** *(string) --* The hash key name. * **hashKeyValue** *(string) --* The hash key value. * **hashKeyType** *(string) --* The hash key type. Valid values are "STRING" or "NUMBER" * **rangeKeyField** *(string) --* The range key name. * **rangeKeyValue** *(string) --* The range key value. * **rangeKeyType** *(string) --* The range key type. Valid values are "STRING" or "NUMBER" * **payloadField** *(string) --* The action payload. This name can be customized. * **dynamoDBv2** *(dict) --* Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the DynamoDB table. * **putItem** *(dict) --* Specifies the DynamoDB table to which the message data will be written. For example: "{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my- role" "putItem": { "tableName": "my-table" } } }" Each attribute in the message payload will be written to a separate column in the DynamoDB database. * **tableName** *(string) --* The table where the message data will be written. * **lambda** *(dict) --* Invoke a Lambda function. * **functionArn** *(string) --* The ARN of the Lambda function. * **sns** *(dict) --* Publish to an Amazon SNS topic. * **targetArn** *(string) --* The ARN of the SNS topic. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **messageFormat** *(string) --* (Optional) The message format of the message to publish. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see https://docs.aws.amazon.com/sns/latest/dg /json-formats.html refer to their official documentation. * **sqs** *(dict) --* Publish to an Amazon SQS queue. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **queueUrl** *(string) --* The URL of the Amazon SQS queue. * **useBase64** *(boolean) --* Specifies whether to use Base64 encoding. * **kinesis** *(dict) --* Write data to an Amazon Kinesis stream. * **roleArn** *(string) --* The ARN of the IAM role that grants access to the Amazon Kinesis stream. * **streamName** *(string) --* The name of the Amazon Kinesis stream. * **partitionKey** *(string) --* The partition key. * **republish** *(dict) --* Publish to another MQTT topic. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **topic** *(string) --* The name of the MQTT topic. * **qos** *(integer) --* The Quality of Service (QoS) level to use when republishing messages. The default value is 0. * **headers** *(dict) --* MQTT Version 5.0 headers information. For more information, see MQTT from the Amazon Web Services IoT Core Developer Guide. * **payloadFormatIndicator** *(string) --* An "Enum" string value that indicates whether the payload is formatted as UTF-8. Valid values are "UNSPECIFIED_BYTES" and "UTF8_DATA". For more information, see Payload Format Indicator from the MQTT Version 5.0 specification. Supports substitution templates. * **contentType** *(string) --* A UTF-8 encoded string that describes the content of the publishing message. For more information, see Content Type from the MQTT Version 5.0 specification. Supports substitution templates. * **responseTopic** *(string) --* A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic which the receiver should publish to as part of the request-response flow. The topic must not contain wildcard characters. For more information, see Response Topic from the MQTT Version 5.0 specification. Supports substitution templates. * **correlationData** *(string) --* The base64-encoded binary data used by the sender of the request message to identify which request the response message is for when it's received. For more information, see Correlation Data from the MQTT Version 5.0 specification. Note: This binary data must be based64-encoded. Supports substitution templates. * **messageExpiry** *(string) --* A user-defined integer value that will persist a message at the message broker for a specified amount of time to ensure that the message will expire if it's no longer relevant to the subscriber. The value of "messageExpiry" represents the number of seconds before it expires. For more information about the limits of "messageExpiry", see Amazon Web Services IoT Core message broker and protocol limits and quotas from the Amazon Web Services Reference Guide. Supports substitution templates. * **userProperties** *(list) --* An array of key-value pairs that you define in the MQTT5 header. * *(dict) --* A key-value pair that you define in the header. Both the key and the value are either literal strings or valid substitution templates. * **key** *(string) --* A key to be specified in "UserProperty". * **value** *(string) --* A value to be specified in "UserProperty". * **s3** *(dict) --* Write to an Amazon S3 bucket. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **bucketName** *(string) --* The Amazon S3 bucket. * **key** *(string) --* The object key. For more information, see Actions, resources, and condition keys for Amazon S3. * **cannedAcl** *(string) --* The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see S3 canned ACLs. * **firehose** *(dict) --* Write to an Amazon Kinesis Firehose stream. * **roleArn** *(string) --* The IAM role that grants access to the Amazon Kinesis Firehose stream. * **deliveryStreamName** *(string) --* The delivery stream name. * **separator** *(string) --* A character separator that will be used to separate records written to the Firehose stream. Valid values are: 'n' (newline), 't' (tab), 'rn' (Windows newline), ',' (comma). * **batchMode** *(boolean) --* Whether to deliver the Kinesis Data Firehose stream as a batch by using PutRecordBatch. The default value is "false". When "batchMode" is "true" and the rule's SQL statement evaluates to an Array, each Array element forms one record in the PutRecordBatch request. The resulting array can't have more than 500 records. * **cloudwatchMetric** *(dict) --* Capture a CloudWatch metric. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch metric. * **metricNamespace** *(string) --* The CloudWatch metric namespace name. * **metricName** *(string) --* The CloudWatch metric name. * **metricValue** *(string) --* The CloudWatch metric value. * **metricUnit** *(string) --* The metric unit supported by CloudWatch. * **metricTimestamp** *(string) --* An optional Unix timestamp. * **cloudwatchAlarm** *(dict) --* Change the state of a CloudWatch alarm. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch alarm. * **alarmName** *(string) --* The CloudWatch alarm name. * **stateReason** *(string) --* The reason for the alarm change. * **stateValue** *(string) --* The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. * **cloudwatchLogs** *(dict) --* Send data to CloudWatch Logs. * **roleArn** *(string) --* The IAM role that allows access to the CloudWatch log. * **logGroupName** *(string) --* The CloudWatch log group to which the action sends data. * **batchMode** *(boolean) --* Indicates whether batches of log records will be extracted and uploaded into CloudWatch. Values include "true" or "false" *(default)*. * **elasticsearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. Note: The "Elasticsearch" action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the "OpenSearch" rule action instead. For more information, see OpenSearchAction. * **roleArn** *(string) --* The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* The endpoint of your OpenSearch domain. * **index** *(string) --* The index where you want to store your data. * **type** *(string) --* The type of document you are storing. * **id** *(string) --* The unique identifier for the document you are storing. * **salesforce** *(dict) --* Send a message to a Salesforce IoT Cloud Input Stream. * **token** *(string) --* The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **url** *(string) --* The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **iotAnalytics** *(dict) --* Sends message data to an IoT Analytics channel. * **channelArn** *(string) --* (deprecated) The ARN of the IoT Analytics channel to which message data will be sent. * **channelName** *(string) --* The name of the IoT Analytics channel to which message data will be sent. * **batchMode** *(boolean) --* Whether to process the action as a batch. The default value is "false". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by BatchPutMessage to the IoT Analytics channel. The resulting array can't have more than 100 messages. * **roleArn** *(string) --* The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage). * **iotEvents** *(dict) --* Sends an input to an IoT Events detector. * **inputName** *(string) --* The name of the IoT Events input. * **messageId** *(string) --* The ID of the message. The default "messageId" is a new UUID value. When "batchMode" is "true", you can't specify a "messageId"--a new UUID value will be assigned. Assign a value to this property to ensure that only one input (message) with a given "messageId" will be processed by an IoT Events detector. * **batchMode** *(boolean) --* Whether to process the event actions as a batch. The default value is "false". When "batchMode" is "true", you can't specify a "messageId". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when it's sent to IoT Events by calling BatchPutMessage. The resulting array can't have more than 10 messages. * **roleArn** *(string) --* The ARN of the role that grants IoT permission to send an input to an IoT Events detector. ("Action":"iotevents:BatchPutMessage"). * **iotSiteWise** *(dict) --* Sends data from the MQTT message that triggered the rule to IoT SiteWise asset properties. * **putAssetPropertyValueEntries** *(list) --* A list of asset property value entries. * *(dict) --* An asset property value entry containing the following information. * **entryId** *(string) --* Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID. * **assetId** *(string) --* The ID of the IoT SiteWise asset. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyId** *(string) --* The ID of the asset's property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyAlias** *(string) --* The name of the property alias associated with your asset property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyValues** *(list) --* A list of property values to insert that each contain timestamp, quality, and value (TQV) information. * *(dict) --* An asset property value entry containing the following information. * **value** *(dict) --* The value of the asset property. * **stringValue** *(string) --* Optional. The string value of the value entry. Accepts substitution templates. * **integerValue** *(string) --* Optional. A string that contains the integer value of the value entry. Accepts substitution templates. * **doubleValue** *(string) --* Optional. A string that contains the double value of the value entry. Accepts substitution templates. * **booleanValue** *(string) --* Optional. A string that contains the boolean value ( "true" or "false") of the value entry. Accepts substitution templates. * **timestamp** *(dict) --* The asset property value timestamp. * **timeInSeconds** *(string) --* A string that contains the time in seconds since epoch. Accepts substitution templates. * **offsetInNanos** *(string) --* Optional. A string that contains the nanosecond time offset. Accepts substitution templates. * **quality** *(string) --* Optional. A string that describes the quality of the value. Accepts substitution templates. Must be "GOOD", "BAD", or "UNCERTAIN". * **roleArn** *(string) --* The ARN of the role that grants IoT permission to send an asset property value to IoT SiteWise. ( ""Action": "iotsitewise:BatchPutAssetPropertyValue""). The trust policy can restrict access to specific asset hierarchy paths. * **stepFunctions** *(dict) --* Starts execution of a Step Functions state machine. * **executionNamePrefix** *(string) --* (Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided. * **stateMachineName** *(string) --* The name of the Step Functions state machine whose execution will be started. * **roleArn** *(string) --* The ARN of the role that grants IoT permission to start execution of a state machine ("Action":"states:StartExecution"). * **timestream** *(dict) --* The Timestream rule action writes attributes (measures) from an MQTT message into an Amazon Timestream table. For more information, see the Timestream topic rule action documentation. * **roleArn** *(string) --* The ARN of the role that grants permission to write to the Amazon Timestream database table. * **databaseName** *(string) --* The name of an Amazon Timestream database. * **tableName** *(string) --* The name of the database table into which to write the measure records. * **dimensions** *(list) --* Metadata attributes of the time series that are written in each measure record. * *(dict) --* Metadata attributes of the time series that are written in each measure record. * **name** *(string) --* The metadata dimension name. This is the name of the column in the Amazon Timestream database table record. Dimensions cannot be named: "measure_name", "measure_value", or "time". These names are reserved. Dimension names cannot start with "ts_" or "measure_value" and they cannot contain the colon ( ":") character. * **value** *(string) --* The value to write in this column of the database record. * **timestamp** *(dict) --* Specifies an application-defined value to replace the default value assigned to the Timestream record's timestamp in the "time" column. You can use this property to specify the value and the precision of the Timestream record's timestamp. You can specify a value from the message payload or a value computed by a substitution template. If omitted, the topic rule action assigns the timestamp, in milliseconds, at the time it processed the rule. * **value** *(string) --* An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **http** *(dict) --* Send data to an HTTPS endpoint. * **url** *(string) --* The endpoint URL. If substitution templates are used in the URL, you must also specify a "confirmationUrl". If this is a new destination, a new "TopicRuleDestination" is created if possible. * **confirmationUrl** *(string) --* The URL to which IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL. * **headers** *(list) --* The HTTP headers to send with the message data. * *(dict) --* The HTTP action header. * **key** *(string) --* The HTTP header key. * **value** *(string) --* The HTTP header value. Substitution templates are supported. * **auth** *(dict) --* The authentication method to use when sending data to an HTTPS endpoint. * **sigv4** *(dict) --* Use Sig V4 authorization. For more information, see Signature Version 4 Signing Process. * **signingRegion** *(string) --* The signing region. * **serviceName** *(string) --* The service name to use while signing with Sig V4. * **roleArn** *(string) --* The ARN of the signing role. * **kafka** *(dict) --* Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster. * **destinationArn** *(string) --* The ARN of Kafka action's VPC "TopicRuleDestination". * **topic** *(string) --* The Kafka topic for messages to be sent to the Kafka broker. * **key** *(string) --* The Kafka message key. * **partition** *(string) --* The Kafka message partition. * **clientProperties** *(dict) --* Properties of the Apache Kafka producer client. * *(string) --* * *(string) --* * **headers** *(list) --* The list of Kafka headers that you specify. * *(dict) --* Specifies a Kafka header using key-value pairs when you create a Rule’s Kafka Action. You can use these headers to route data from IoT clients to downstream Kafka clusters without modifying your message payload. For more information about Rule's Kafka action, see Apache Kafka. * **key** *(string) --* The key of the Kafka header. * **value** *(string) --* The value of the Kafka header. * **openSearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. * **roleArn** *(string) --* The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* The endpoint of your OpenSearch domain. * **index** *(string) --* The OpenSearch index where you want to store your data. * **type** *(string) --* The type of document you are storing. * **id** *(string) --* The unique identifier for the document you are storing. * **location** *(dict) --* The Amazon Location Service rule action sends device location updates from an MQTT message to an Amazon Location tracker resource. * **roleArn** *(string) --* The IAM role that grants permission to write to the Amazon Location resource. * **trackerName** *(string) --* The name of the tracker resource in Amazon Location in which the location is updated. * **deviceId** *(string) --* The unique ID of the device providing the location data. * **timestamp** *(dict) --* The time that the location data was sampled. The default value is the time the MQTT message was processed. * **value** *(string) --* An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **latitude** *(string) --* A string that evaluates to a double value that represents the latitude of the device's location. * **longitude** *(string) --* A string that evaluates to a double value that represents the longitude of the device's location. **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / update_security_profile update_security_profile *********************** IoT.Client.update_security_profile(**kwargs) Updates a Device Defender security profile. Requires permission to access the UpdateSecurityProfile action. See also: AWS API Documentation **Request Syntax** response = client.update_security_profile( securityProfileName='string', securityProfileDescription='string', behaviors=[ { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, ], alertTargets={ 'string': { 'alertTargetArn': 'string', 'roleArn': 'string' } }, additionalMetricsToRetain=[ 'string', ], additionalMetricsToRetainV2=[ { 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'exportMetric': True|False }, ], deleteBehaviors=True|False, deleteAlertTargets=True|False, deleteAdditionalMetricsToRetain=True|False, expectedVersion=123, metricsExportConfig={ 'mqttTopic': 'string', 'roleArn': 'string' }, deleteMetricsExportConfig=True|False ) Parameters: * **securityProfileName** (*string*) -- **[REQUIRED]** The name of the security profile you want to update. * **securityProfileDescription** (*string*) -- A description of the security profile. * **behaviors** (*list*) -- Specifies the behaviors that, when violated by a device (thing), cause an alert. * *(dict) --* A Device Defender security profile behavior. * **name** *(string) --* **[REQUIRED]** The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* **[REQUIRED]** A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr-set" * "number": "less-than", "less-than-equals", "greater- than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* **[REQUIRED]** The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **alertTargets** (*dict*) -- Where the alerts are sent. (Alerts are always sent to the console.) * *(string) --* The type of alert target: one of "SNS". * *(dict) --* A structure containing the alert target ARN and the role ARN. * **alertTargetArn** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) of the notification target to which alerts are sent. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants permission to send alerts to the notification target. * **additionalMetricsToRetain** (*list*) -- Please use UpdateSecurityProfileRequest$additionalMetricsToRetainV2 instead. A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's "behaviors", but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions. * *(string) --* * **additionalMetricsToRetainV2** (*list*) -- A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions. * *(dict) --* The metric you want to retain. Dimensions are optional. * **metric** *(string) --* **[REQUIRED]** What is measured by the behavior. * **metricDimension** *(dict) --* The dimension of a metric. This can't be used with custom metrics. * **dimensionName** *(string) --* **[REQUIRED]** A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **exportMetric** *(boolean) --* The value indicates exporting metrics related to the "MetricToRetain" when it's true. * **deleteBehaviors** (*boolean*) -- If true, delete all "behaviors" defined for this security profile. If any "behaviors" are defined in the current invocation, an exception occurs. * **deleteAlertTargets** (*boolean*) -- If true, delete all "alertTargets" defined for this security profile. If any "alertTargets" are defined in the current invocation, an exception occurs. * **deleteAdditionalMetricsToRetain** (*boolean*) -- If true, delete all "additionalMetricsToRetain" defined for this security profile. If any "additionalMetricsToRetain" are defined in the current invocation, an exception occurs. * **expectedVersion** (*integer*) -- The expected version of the security profile. A new version is generated whenever the security profile is updated. If you specify a value that is different from the actual version, a "VersionConflictException" is thrown. * **metricsExportConfig** (*dict*) -- Specifies the MQTT topic and role ARN required for metric export. * **mqttTopic** *(string) --* **[REQUIRED]** The MQTT topic that Device Defender Detect should publish messages to for metrics export. * **roleArn** *(string) --* **[REQUIRED]** This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf. * **deleteMetricsExportConfig** (*boolean*) -- Set the value as true to delete metrics export related configurations. Return type: dict Returns: **Response Syntax** { 'securityProfileName': 'string', 'securityProfileArn': 'string', 'securityProfileDescription': 'string', 'behaviors': [ { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, ], 'alertTargets': { 'string': { 'alertTargetArn': 'string', 'roleArn': 'string' } }, 'additionalMetricsToRetain': [ 'string', ], 'additionalMetricsToRetainV2': [ { 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'exportMetric': True|False }, ], 'version': 123, 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'metricsExportConfig': { 'mqttTopic': 'string', 'roleArn': 'string' } } **Response Structure** * *(dict) --* * **securityProfileName** *(string) --* The name of the security profile that was updated. * **securityProfileArn** *(string) --* The ARN of the security profile that was updated. * **securityProfileDescription** *(string) --* The description of the security profile. * **behaviors** *(list) --* Specifies the behaviors that, when violated by a device (thing), cause an alert. * *(dict) --* A Device Defender security profile behavior. * **name** *(string) --* The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr- set" * "number": "less-than", "less-than-equals", "greater- than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **alertTargets** *(dict) --* Where the alerts are sent. (Alerts are always sent to the console.) * *(string) --* The type of alert target: one of "SNS". * *(dict) --* A structure containing the alert target ARN and the role ARN. * **alertTargetArn** *(string) --* The Amazon Resource Name (ARN) of the notification target to which alerts are sent. * **roleArn** *(string) --* The ARN of the role that grants permission to send alerts to the notification target. * **additionalMetricsToRetain** *(list) --* Please use UpdateSecurityProfileResponse$additionalMetricsToRetainV2 instead. A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the security profile's "behaviors", but it is also retained for any metric specified here. * *(string) --* * **additionalMetricsToRetainV2** *(list) --* A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions. * *(dict) --* The metric you want to retain. Dimensions are optional. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension of a metric. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **exportMetric** *(boolean) --* The value indicates exporting metrics related to the "MetricToRetain" when it's true. * **version** *(integer) --* The updated version of the security profile. * **creationDate** *(datetime) --* The time the security profile was created. * **lastModifiedDate** *(datetime) --* The time the security profile was last modified. * **metricsExportConfig** *(dict) --* Specifies the MQTT topic and role ARN required for metric export. * **mqttTopic** *(string) --* The MQTT topic that Device Defender Detect should publish messages to for metrics export. * **roleArn** *(string) --* This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_certificate_provider delete_certificate_provider *************************** IoT.Client.delete_certificate_provider(**kwargs) Deletes a certificate provider. Requires permission to access the DeleteCertificateProvider action. If you delete the certificate provider resource, the behavior of "CreateCertificateFromCsr" will resume, and IoT will create certificates signed by IoT from a certificate signing request (CSR). See also: AWS API Documentation **Request Syntax** response = client.delete_certificate_provider( certificateProviderName='string' ) Parameters: **certificateProviderName** (*string*) -- **[REQUIRED]** The name of the certificate provider. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_registration_code delete_registration_code ************************ IoT.Client.delete_registration_code() Deletes a CA certificate registration code. Requires permission to access the DeleteRegistrationCode action. See also: AWS API Documentation **Request Syntax** response = client.delete_registration_code() Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* The output for the DeleteRegistrationCode operation. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_indexing_configuration update_indexing_configuration ***************************** IoT.Client.update_indexing_configuration(**kwargs) Updates the search configuration. Requires permission to access the UpdateIndexingConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.update_indexing_configuration( thingIndexingConfiguration={ 'thingIndexingMode': 'OFF'|'REGISTRY'|'REGISTRY_AND_SHADOW', 'thingConnectivityIndexingMode': 'OFF'|'STATUS', 'deviceDefenderIndexingMode': 'OFF'|'VIOLATIONS', 'namedShadowIndexingMode': 'OFF'|'ON', 'managedFields': [ { 'name': 'string', 'type': 'Number'|'String'|'Boolean' }, ], 'customFields': [ { 'name': 'string', 'type': 'Number'|'String'|'Boolean' }, ], 'filter': { 'namedShadowNames': [ 'string', ], 'geoLocations': [ { 'name': 'string', 'order': 'LatLon'|'LonLat' }, ] } }, thingGroupIndexingConfiguration={ 'thingGroupIndexingMode': 'OFF'|'ON', 'managedFields': [ { 'name': 'string', 'type': 'Number'|'String'|'Boolean' }, ], 'customFields': [ { 'name': 'string', 'type': 'Number'|'String'|'Boolean' }, ] } ) Parameters: * **thingIndexingConfiguration** (*dict*) -- Thing indexing configuration. * **thingIndexingMode** *(string) --* **[REQUIRED]** Thing indexing mode. Valid values are: * REGISTRY – Your thing index contains registry data only. * REGISTRY_AND_SHADOW - Your thing index contains registry and shadow data. * OFF - Thing indexing is disabled. * **thingConnectivityIndexingMode** *(string) --* Thing connectivity indexing mode. Valid values are: * STATUS – Your thing index contains connectivity status. To enable thing connectivity indexing, *thingIndexMode* must not be set to OFF. * OFF - Thing connectivity status indexing is disabled. * **deviceDefenderIndexingMode** *(string) --* Device Defender indexing mode. Valid values are: * VIOLATIONS – Your thing index contains Device Defender violations. To enable Device Defender indexing, *deviceDefenderIndexingMode* must not be set to OFF. * OFF - Device Defender indexing is disabled. For more information about Device Defender violations, see Device Defender Detect. * **namedShadowIndexingMode** *(string) --* Named shadow indexing mode. Valid values are: * ON – Your thing index contains named shadow. To enable thing named shadow indexing, *namedShadowIndexingMode* must not be set to OFF. * OFF - Named shadow indexing is disabled. For more information about Shadows, see IoT Device Shadow service. * **managedFields** *(list) --* Contains fields that are indexed and whose types are already known by the Fleet Indexing service. This is an optional field. For more information, see Managed fields in the *Amazon Web Services IoT Core Developer Guide*. Note: You can't modify managed fields by updating fleet indexing configuration. * *(dict) --* Describes the name and data type at a field. * **name** *(string) --* The name of the field. * **type** *(string) --* The data type of the field. * **customFields** *(list) --* Contains custom field names and their data type. * *(dict) --* Describes the name and data type at a field. * **name** *(string) --* The name of the field. * **type** *(string) --* The data type of the field. * **filter** *(dict) --* Provides additional selections for named shadows and geolocation data. To add named shadows to your fleet indexing configuration, set "namedShadowIndexingMode" to be ON and specify your shadow names in "namedShadowNames" filter. To add geolocation data to your fleet indexing configuration: * If you store geolocation data in a class/unnamed shadow, set "thingIndexingMode" to be "REGISTRY_AND_SHADOW" and specify your geolocation data in "geoLocations" filter. * If you store geolocation data in a named shadow, set "namedShadowIndexingMode" to be "ON", add the shadow name in "namedShadowNames" filter, and specify your geolocation data in "geoLocations" filter. For more information, see Managing fleet indexing. * **namedShadowNames** *(list) --* The shadow names that you select to index. The default maximum number of shadow names for indexing is 10. To increase the limit, see Amazon Web Services IoT Device Management Quotas in the *Amazon Web Services General Reference*. * *(string) --* * **geoLocations** *(list) --* The list of geolocation targets that you select to index. The default maximum number of geolocation targets for indexing is "1". To increase the limit, see Amazon Web Services IoT Device Management Quotas in the *Amazon Web Services General Reference*. * *(dict) --* A geolocation target that you select to index. Each geolocation target contains a "name" and "order" key- value pair that specifies the geolocation target fields. * **name** *(string) --* The "name" of the geolocation target field. If the target field is part of a named shadow, you must select the named shadow using the "namedShadow" filter. * **order** *(string) --* The "order" of the geolocation target field. This field is optional. The default value is "LatLon". * **thingGroupIndexingConfiguration** (*dict*) -- Thing group indexing configuration. * **thingGroupIndexingMode** *(string) --* **[REQUIRED]** Thing group indexing mode. * **managedFields** *(list) --* Contains fields that are indexed and whose types are already known by the Fleet Indexing service. This is an optional field. For more information, see Managed fields in the *Amazon Web Services IoT Core Developer Guide*. Note: You can't modify managed fields by updating fleet indexing configuration. * *(dict) --* Describes the name and data type at a field. * **name** *(string) --* The name of the field. * **type** *(string) --* The data type of the field. * **customFields** *(list) --* A list of thing group fields to index. This list cannot contain any managed fields. Use the GetIndexingConfiguration API to get a list of managed fields. Contains custom field names and their data type. * *(dict) --* Describes the name and data type at a field. * **name** *(string) --* The name of the field. * **type** *(string) --* The data type of the field. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_principal_things list_principal_things ********************* IoT.Client.list_principal_things(**kwargs) Lists the things associated with the specified principal. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities. Requires permission to access the ListPrincipalThings action. See also: AWS API Documentation **Request Syntax** response = client.list_principal_things( nextToken='string', maxResults=123, principal='string' ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return in this operation. * **principal** (*string*) -- **[REQUIRED]** The principal. Return type: dict Returns: **Response Syntax** { 'things': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListPrincipalThings operation. * **things** *(list) --* The things. * *(string) --* * **nextToken** *(string) --* The token to use to get the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / cancel_job cancel_job ********** IoT.Client.cancel_job(**kwargs) Cancels a job. Requires permission to access the CancelJob action. See also: AWS API Documentation **Request Syntax** response = client.cancel_job( jobId='string', reasonCode='string', comment='string', force=True|False ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **reasonCode** (*string*) -- (Optional)A reason code string that explains why the job was canceled. * **comment** (*string*) -- An optional comment string describing why the job was canceled. * **force** (*boolean*) -- (Optional) If "true" job executions with status "IN_PROGRESS" and "QUEUED" are canceled, otherwise only job executions with status "QUEUED" are canceled. The default is "false". Canceling a job which is "IN_PROGRESS", will cause a device which is executing the job to be unable to update the job execution status. Use caution and ensure that each device executing a job which is canceled is able to recover to a valid state. Return type: dict Returns: **Response Syntax** { 'jobArn': 'string', 'jobId': 'string', 'description': 'string' } **Response Structure** * *(dict) --* * **jobArn** *(string) --* The job ARN. * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **description** *(string) --* A short text description of the job. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.LimitExceededException" IoT / Client / describe_job_template describe_job_template ********************* IoT.Client.describe_job_template(**kwargs) Returns information about a job template. See also: AWS API Documentation **Request Syntax** response = client.describe_job_template( jobTemplateId='string' ) Parameters: **jobTemplateId** (*string*) -- **[REQUIRED]** The unique identifier of the job template. Return type: dict Returns: **Response Syntax** { 'jobTemplateArn': 'string', 'jobTemplateId': 'string', 'description': 'string', 'documentSource': 'string', 'document': 'string', 'createdAt': datetime(2015, 1, 1), 'presignedUrlConfig': { 'roleArn': 'string', 'expiresInSec': 123 }, 'jobExecutionsRolloutConfig': { 'maximumPerMinute': 123, 'exponentialRate': { 'baseRatePerMinute': 123, 'incrementFactor': 123.0, 'rateIncreaseCriteria': { 'numberOfNotifiedThings': 123, 'numberOfSucceededThings': 123 } } }, 'abortConfig': { 'criteriaList': [ { 'failureType': 'FAILED'|'REJECTED'|'TIMED_OUT'|'ALL', 'action': 'CANCEL', 'thresholdPercentage': 123.0, 'minNumberOfExecutedThings': 123 }, ] }, 'timeoutConfig': { 'inProgressTimeoutInMinutes': 123 }, 'jobExecutionsRetryConfig': { 'criteriaList': [ { 'failureType': 'FAILED'|'TIMED_OUT'|'ALL', 'numberOfRetries': 123 }, ] }, 'maintenanceWindows': [ { 'startTime': 'string', 'durationInMinutes': 123 }, ], 'destinationPackageVersions': [ 'string', ] } **Response Structure** * *(dict) --* * **jobTemplateArn** *(string) --* The ARN of the job template. * **jobTemplateId** *(string) --* The unique identifier of the job template. * **description** *(string) --* A description of the job template. * **documentSource** *(string) --* An S3 link to the job document. * **document** *(string) --* The job document. * **createdAt** *(datetime) --* The time, in seconds since the epoch, when the job template was created. * **presignedUrlConfig** *(dict) --* Configuration for pre-signed S3 URLs. * **roleArn** *(string) --* The ARN of an IAM role that grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files. Warning: For information about addressing the confused deputy problem, see cross-service confused deputy prevention in the *Amazon Web Services IoT Core developer guide*. * **expiresInSec** *(integer) --* How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document. * **jobExecutionsRolloutConfig** *(dict) --* Allows you to create a staged rollout of a job. * **maximumPerMinute** *(integer) --* The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout. * **exponentialRate** *(dict) --* The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout. * **baseRatePerMinute** *(integer) --* The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout. * **incrementFactor** *(float) --* The exponential factor to increase the rate of rollout for a job. Amazon Web Services IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55). * **rateIncreaseCriteria** *(dict) --* The criteria to initiate the increase in rate of rollout for a job. * **numberOfNotifiedThings** *(integer) --* The threshold for number of notified things that will initiate the increase in rate of rollout. * **numberOfSucceededThings** *(integer) --* The threshold for number of succeeded things that will initiate the increase in rate of rollout. * **abortConfig** *(dict) --* The criteria that determine when and how a job abort takes place. * **criteriaList** *(list) --* The list of criteria that determine when and how to abort the job. * *(dict) --* The criteria that determine when and how a job abort takes place. * **failureType** *(string) --* The type of job execution failures that can initiate a job abort. * **action** *(string) --* The type of job action to take to initiate the job abort. * **thresholdPercentage** *(float) --* The minimum percentage of job execution failures that must occur to initiate the job abort. Amazon Web Services IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999). * **minNumberOfExecutedThings** *(integer) --* The minimum number of things which must receive job execution notifications before the job can be aborted. * **timeoutConfig** *(dict) --* Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to "IN_PROGRESS". If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to "TIMED_OUT". * **inProgressTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal "TIMED_OUT" status. * **jobExecutionsRetryConfig** *(dict) --* The configuration that determines how many retries are allowed for each failure type for a job. * **criteriaList** *(list) --* The list of criteria that determines how many retries are allowed for each failure type for a job. * *(dict) --* The criteria that determines how many retries are allowed for each failure type for a job. * **failureType** *(string) --* The type of job execution failures that can initiate a job retry. * **numberOfRetries** *(integer) --* The number of retries allowed for a failure type for the job. * **maintenanceWindows** *(list) --* Allows you to configure an optional maintenance window for the rollout of a job document to all devices in the target group for a job. * *(dict) --* An optional configuration within the "SchedulingConfig" to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job. * **startTime** *(string) --* Displays the start time of the next maintenance window. * **durationInMinutes** *(integer) --* Displays the duration of the next maintenance window. * **destinationPackageVersions** *(list) --* The package version Amazon Resource Names (ARNs) that are installed on the device when the job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle. >>**<>**<>**<>**<::command/ * **targetArn** *(string) --* The Amazon Resource Number (ARN) of the device on which the command execution is being performed. * **status** *(string) --* The status of the command execution. After your devices receive the command and start performing the operations specified in the command, it can use the "UpdateCommandExecution" MQTT API to update the status information. * **statusReason** *(dict) --* Your devices can use this parameter to provide additional context about the status of a command execution using a reason code and description. * **reasonCode** *(string) --* A code that provides additional context for the command execution status. * **reasonDescription** *(string) --* A literal string for devices to optionally provide additional information about the reason code for a command execution status. * **result** *(dict) --* The result value for the current state of the command execution. The status provides information about the progress of the command execution. The device can use the result field to share additional details about the execution such as a return value of a remote function call. Note: If you use the "AWS-IoT-FleetWise" namespace, then this field is not applicable in the API response. * *(string) --* * *(dict) --* The result value of the command execution. The device can use the result field to share additional details about the execution such as a return value of a remote function call. Note: This field is not applicable if you use the "AWS-IoT- FleetWise" namespace. * **S** *(string) --* An attribute of type String. For example: ""S": "Hello"" * **B** *(boolean) --* An attribute of type Boolean. For example: ""BOOL": true" * **BIN** *(bytes) --* An attribute of type Binary. * **parameters** *(dict) --* The list of parameters that the "StartCommandExecution" API used when performing the command on the device. * *(string) --* * *(dict) --* The range of possible values that's used to describe a specific command parameter. Note: The "commandParameterValue" can only have one of the below fields listed. * **S** *(string) --* An attribute of type String. For example: ""S": "Hello"" * **B** *(boolean) --* An attribute of type Boolean. For example: ""BOOL": true" * **I** *(integer) --* An attribute of type Integer (Thirty-Two Bits). * **L** *(integer) --* An attribute of type Long. * **D** *(float) --* An attribute of type Double (Sixty-Four Bits). * **BIN** *(bytes) --* An attribute of type Binary. For example: ""B": "dGhpcyB0ZXh0IGlzIGJhc2U2NC1lbmNvZGVk"" * **UL** *(string) --* An attribute of type unsigned long. * **executionTimeoutSeconds** *(integer) --* Specifies the amount of time in seconds that the device can take to finish a command execution. A timer starts when the command execution is created. If the command execution status is not set to another terminal state before the timer expires, it will automatically update to "TIMED_OUT". * **createdAt** *(datetime) --* The timestamp, when the command execution was created. * **lastUpdatedAt** *(datetime) --* The timestamp, when the command execution was last updated. * **startedAt** *(datetime) --* The timestamp, when the command execution was started. * **completedAt** *(datetime) --* The timestamp, when the command execution was completed. * **timeToLive** *(datetime) --* The time to live (TTL) parameter that indicates the duration for which executions will be retained in your account. The default value is six months. **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / list_ca_certificates list_ca_certificates ******************** IoT.Client.list_ca_certificates(**kwargs) Lists the CA certificates registered for your Amazon Web Services account. The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results. Requires permission to access the ListCACertificates action. See also: AWS API Documentation **Request Syntax** response = client.list_ca_certificates( pageSize=123, marker='string', ascendingOrder=True|False, templateName='string' ) Parameters: * **pageSize** (*integer*) -- The result page size. * **marker** (*string*) -- The marker for the next set of results. * **ascendingOrder** (*boolean*) -- Determines the order of the results. * **templateName** (*string*) -- The name of the provisioning template. Return type: dict Returns: **Response Syntax** { 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* The output from the ListCACertificates operation. * **certificates** *(list) --* The CA certificates registered in your Amazon Web Services account. * *(dict) --* A CA certificate. * **certificateArn** *(string) --* The ARN of the CA certificate. * **certificateId** *(string) --* The ID of the CA certificate. * **status** *(string) --* The status of the CA certificate. The status value REGISTER_INACTIVE is deprecated and should not be used. * **creationDate** *(datetime) --* The date the CA certificate was created. * **nextMarker** *(string) --* The current position within the list of CA certificates. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_security_profile describe_security_profile ************************* IoT.Client.describe_security_profile(**kwargs) Gets information about a Device Defender security profile. Requires permission to access the DescribeSecurityProfile action. See also: AWS API Documentation **Request Syntax** response = client.describe_security_profile( securityProfileName='string' ) Parameters: **securityProfileName** (*string*) -- **[REQUIRED]** The name of the security profile whose information you want to get. Return type: dict Returns: **Response Syntax** { 'securityProfileName': 'string', 'securityProfileArn': 'string', 'securityProfileDescription': 'string', 'behaviors': [ { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, ], 'alertTargets': { 'string': { 'alertTargetArn': 'string', 'roleArn': 'string' } }, 'additionalMetricsToRetain': [ 'string', ], 'additionalMetricsToRetainV2': [ { 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'exportMetric': True|False }, ], 'version': 123, 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'metricsExportConfig': { 'mqttTopic': 'string', 'roleArn': 'string' } } **Response Structure** * *(dict) --* * **securityProfileName** *(string) --* The name of the security profile. * **securityProfileArn** *(string) --* The ARN of the security profile. * **securityProfileDescription** *(string) --* A description of the security profile (associated with the security profile when it was created or updated). * **behaviors** *(list) --* Specifies the behaviors that, when violated by a device (thing), cause an alert. * *(dict) --* A Device Defender security profile behavior. * **name** *(string) --* The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr- set" * "number": "less-than", "less-than-equals", "greater- than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **alertTargets** *(dict) --* Where the alerts are sent. (Alerts are always sent to the console.) * *(string) --* The type of alert target: one of "SNS". * *(dict) --* A structure containing the alert target ARN and the role ARN. * **alertTargetArn** *(string) --* The Amazon Resource Name (ARN) of the notification target to which alerts are sent. * **roleArn** *(string) --* The ARN of the role that grants permission to send alerts to the notification target. * **additionalMetricsToRetain** *(list) --* Please use DescribeSecurityProfileResponse$additionalMetricsToRetainV2 instead. A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's "behaviors", but it is also retained for any metric specified here. * *(string) --* * **additionalMetricsToRetainV2** *(list) --* A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. * *(dict) --* The metric you want to retain. Dimensions are optional. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension of a metric. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **exportMetric** *(boolean) --* The value indicates exporting metrics related to the "MetricToRetain" when it's true. * **version** *(integer) --* The version of the security profile. A new version is generated whenever the security profile is updated. * **creationDate** *(datetime) --* The time the security profile was created. * **lastModifiedDate** *(datetime) --* The time the security profile was last modified. * **metricsExportConfig** *(dict) --* Specifies the MQTT topic and role ARN required for metric export. * **mqttTopic** *(string) --* The MQTT topic that Device Defender Detect should publish messages to for metrics export. * **roleArn** *(string) --* This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / register_certificate_without_ca register_certificate_without_ca ******************************* IoT.Client.register_certificate_without_ca(**kwargs) Register a certificate that does not have a certificate authority (CA). For supported certificates, consult Certificate signing algorithms supported by IoT. See also: AWS API Documentation **Request Syntax** response = client.register_certificate_without_ca( certificatePem='string', status='ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION' ) Parameters: * **certificatePem** (*string*) -- **[REQUIRED]** The certificate data, in PEM format. * **status** (*string*) -- The status of the register certificate request. Return type: dict Returns: **Response Syntax** { 'certificateArn': 'string', 'certificateId': 'string' } **Response Structure** * *(dict) --* * **certificateArn** *(string) --* The Amazon Resource Name (ARN) of the registered certificate. * **certificateId** *(string) --* The ID of the registered certificate. (The last part of the certificate ARN contains the certificate ID. **Exceptions** * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.CertificateStateException" * "IoT.Client.exceptions.CertificateValidationException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_account_audit_configuration update_account_audit_configuration ********************************** IoT.Client.update_account_audit_configuration(**kwargs) Configures or reconfigures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled. Requires permission to access the UpdateAccountAuditConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.update_account_audit_configuration( roleArn='string', auditNotificationTargetConfigurations={ 'string': { 'targetArn': 'string', 'roleArn': 'string', 'enabled': True|False } }, auditCheckConfigurations={ 'string': { 'enabled': True|False, 'configuration': { 'string': 'string' } } } ) Parameters: * **roleArn** (*string*) -- The Amazon Resource Name (ARN) of the role that grants permission to IoT to access information about your devices, policies, certificates, and other items as required when performing an audit. * **auditNotificationTargetConfigurations** (*dict*) -- Information about the targets to which audit notifications are sent. * *(string) --* * *(dict) --* Information about the targets to which audit notifications are sent. * **targetArn** *(string) --* The ARN of the target (SNS topic) to which audit notifications are sent. * **roleArn** *(string) --* The ARN of the role that grants permission to send notifications to the target. * **enabled** *(boolean) --* True if notifications to the target are enabled. * **auditCheckConfigurations** (*dict*) -- Specifies which audit checks are enabled and disabled for this account. Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are currently enabled. Some data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. You cannot disable a check if it's used by any scheduled audit. You must first delete the check from the scheduled audit or delete the scheduled audit itself. On the first call to "UpdateAccountAuditConfiguration", this parameter is required and must specify at least one enabled check. * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * *(dict) --* Which audit checks are enabled and disabled for this account. * **enabled** *(boolean) --* True if this audit check is enabled for this account. * **configuration** *(dict) --* A structure containing the configName and corresponding configValue for configuring audit checks. * *(string) --* * *(string) --* Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_topic_rule_destination get_topic_rule_destination ************************** IoT.Client.get_topic_rule_destination(**kwargs) Gets information about a topic rule destination. Requires permission to access the GetTopicRuleDestination action. See also: AWS API Documentation **Request Syntax** response = client.get_topic_rule_destination( arn='string' ) Parameters: **arn** (*string*) -- **[REQUIRED]** The ARN of the topic rule destination. Return type: dict Returns: **Response Syntax** { 'topicRuleDestination': { 'arn': 'string', 'status': 'ENABLED'|'IN_PROGRESS'|'DISABLED'|'ERROR'|'DELETING', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'statusReason': 'string', 'httpUrlProperties': { 'confirmationUrl': 'string' }, 'vpcProperties': { 'subnetIds': [ 'string', ], 'securityGroups': [ 'string', ], 'vpcId': 'string', 'roleArn': 'string' } } } **Response Structure** * *(dict) --* * **topicRuleDestination** *(dict) --* The topic rule destination. * **arn** *(string) --* The topic rule destination URL. * **status** *(string) --* The status of the topic rule destination. Valid values are: IN_PROGRESS A topic rule destination was created but has not been confirmed. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. ENABLED Confirmation was completed, and traffic to this destination is allowed. You can set "status" to "DISABLED" by calling "UpdateTopicRuleDestination". DISABLED Confirmation was completed, and traffic to this destination is not allowed. You can set "status" to "ENABLED" by calling "UpdateTopicRuleDestination". ERROR Confirmation could not be completed, for example if the confirmation timed out. You can call "GetTopicRuleDestination" for details about the error. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. * **createdAt** *(datetime) --* The date and time when the topic rule destination was created. * **lastUpdatedAt** *(datetime) --* The date and time when the topic rule destination was last updated. * **statusReason** *(string) --* Additional details or reason why the topic rule destination is in the current status. * **httpUrlProperties** *(dict) --* Properties of the HTTP URL. * **confirmationUrl** *(string) --* The URL used to confirm the HTTP topic rule destination URL. * **vpcProperties** *(dict) --* Properties of the virtual private cloud (VPC) connection. * **subnetIds** *(list) --* The subnet IDs of the VPC destination. * *(string) --* * **securityGroups** *(list) --* The security groups of the VPC destination. * *(string) --* * **vpcId** *(string) --* The ID of the VPC. * **roleArn** *(string) --* The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / create_topic_rule create_topic_rule ***************** IoT.Client.create_topic_rule(**kwargs) Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule. Requires permission to access the CreateTopicRule action. See also: AWS API Documentation **Request Syntax** response = client.create_topic_rule( ruleName='string', topicRulePayload={ 'sql': 'string', 'description': 'string', 'actions': [ { 'dynamoDB': { 'tableName': 'string', 'roleArn': 'string', 'operation': 'string', 'hashKeyField': 'string', 'hashKeyValue': 'string', 'hashKeyType': 'STRING'|'NUMBER', 'rangeKeyField': 'string', 'rangeKeyValue': 'string', 'rangeKeyType': 'STRING'|'NUMBER', 'payloadField': 'string' }, 'dynamoDBv2': { 'roleArn': 'string', 'putItem': { 'tableName': 'string' } }, 'lambda': { 'functionArn': 'string' }, 'sns': { 'targetArn': 'string', 'roleArn': 'string', 'messageFormat': 'RAW'|'JSON' }, 'sqs': { 'roleArn': 'string', 'queueUrl': 'string', 'useBase64': True|False }, 'kinesis': { 'roleArn': 'string', 'streamName': 'string', 'partitionKey': 'string' }, 'republish': { 'roleArn': 'string', 'topic': 'string', 'qos': 123, 'headers': { 'payloadFormatIndicator': 'string', 'contentType': 'string', 'responseTopic': 'string', 'correlationData': 'string', 'messageExpiry': 'string', 'userProperties': [ { 'key': 'string', 'value': 'string' }, ] } }, 's3': { 'roleArn': 'string', 'bucketName': 'string', 'key': 'string', 'cannedAcl': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'|'log-delivery-write' }, 'firehose': { 'roleArn': 'string', 'deliveryStreamName': 'string', 'separator': 'string', 'batchMode': True|False }, 'cloudwatchMetric': { 'roleArn': 'string', 'metricNamespace': 'string', 'metricName': 'string', 'metricValue': 'string', 'metricUnit': 'string', 'metricTimestamp': 'string' }, 'cloudwatchAlarm': { 'roleArn': 'string', 'alarmName': 'string', 'stateReason': 'string', 'stateValue': 'string' }, 'cloudwatchLogs': { 'roleArn': 'string', 'logGroupName': 'string', 'batchMode': True|False }, 'elasticsearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'salesforce': { 'token': 'string', 'url': 'string' }, 'iotAnalytics': { 'channelArn': 'string', 'channelName': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotEvents': { 'inputName': 'string', 'messageId': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotSiteWise': { 'putAssetPropertyValueEntries': [ { 'entryId': 'string', 'assetId': 'string', 'propertyId': 'string', 'propertyAlias': 'string', 'propertyValues': [ { 'value': { 'stringValue': 'string', 'integerValue': 'string', 'doubleValue': 'string', 'booleanValue': 'string' }, 'timestamp': { 'timeInSeconds': 'string', 'offsetInNanos': 'string' }, 'quality': 'string' }, ] }, ], 'roleArn': 'string' }, 'stepFunctions': { 'executionNamePrefix': 'string', 'stateMachineName': 'string', 'roleArn': 'string' }, 'timestream': { 'roleArn': 'string', 'databaseName': 'string', 'tableName': 'string', 'dimensions': [ { 'name': 'string', 'value': 'string' }, ], 'timestamp': { 'value': 'string', 'unit': 'string' } }, 'http': { 'url': 'string', 'confirmationUrl': 'string', 'headers': [ { 'key': 'string', 'value': 'string' }, ], 'auth': { 'sigv4': { 'signingRegion': 'string', 'serviceName': 'string', 'roleArn': 'string' } } }, 'kafka': { 'destinationArn': 'string', 'topic': 'string', 'key': 'string', 'partition': 'string', 'clientProperties': { 'string': 'string' }, 'headers': [ { 'key': 'string', 'value': 'string' }, ] }, 'openSearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'location': { 'roleArn': 'string', 'trackerName': 'string', 'deviceId': 'string', 'timestamp': { 'value': 'string', 'unit': 'string' }, 'latitude': 'string', 'longitude': 'string' } }, ], 'ruleDisabled': True|False, 'awsIotSqlVersion': 'string', 'errorAction': { 'dynamoDB': { 'tableName': 'string', 'roleArn': 'string', 'operation': 'string', 'hashKeyField': 'string', 'hashKeyValue': 'string', 'hashKeyType': 'STRING'|'NUMBER', 'rangeKeyField': 'string', 'rangeKeyValue': 'string', 'rangeKeyType': 'STRING'|'NUMBER', 'payloadField': 'string' }, 'dynamoDBv2': { 'roleArn': 'string', 'putItem': { 'tableName': 'string' } }, 'lambda': { 'functionArn': 'string' }, 'sns': { 'targetArn': 'string', 'roleArn': 'string', 'messageFormat': 'RAW'|'JSON' }, 'sqs': { 'roleArn': 'string', 'queueUrl': 'string', 'useBase64': True|False }, 'kinesis': { 'roleArn': 'string', 'streamName': 'string', 'partitionKey': 'string' }, 'republish': { 'roleArn': 'string', 'topic': 'string', 'qos': 123, 'headers': { 'payloadFormatIndicator': 'string', 'contentType': 'string', 'responseTopic': 'string', 'correlationData': 'string', 'messageExpiry': 'string', 'userProperties': [ { 'key': 'string', 'value': 'string' }, ] } }, 's3': { 'roleArn': 'string', 'bucketName': 'string', 'key': 'string', 'cannedAcl': 'private'|'public-read'|'public-read-write'|'aws-exec-read'|'authenticated-read'|'bucket-owner-read'|'bucket-owner-full-control'|'log-delivery-write' }, 'firehose': { 'roleArn': 'string', 'deliveryStreamName': 'string', 'separator': 'string', 'batchMode': True|False }, 'cloudwatchMetric': { 'roleArn': 'string', 'metricNamespace': 'string', 'metricName': 'string', 'metricValue': 'string', 'metricUnit': 'string', 'metricTimestamp': 'string' }, 'cloudwatchAlarm': { 'roleArn': 'string', 'alarmName': 'string', 'stateReason': 'string', 'stateValue': 'string' }, 'cloudwatchLogs': { 'roleArn': 'string', 'logGroupName': 'string', 'batchMode': True|False }, 'elasticsearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'salesforce': { 'token': 'string', 'url': 'string' }, 'iotAnalytics': { 'channelArn': 'string', 'channelName': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotEvents': { 'inputName': 'string', 'messageId': 'string', 'batchMode': True|False, 'roleArn': 'string' }, 'iotSiteWise': { 'putAssetPropertyValueEntries': [ { 'entryId': 'string', 'assetId': 'string', 'propertyId': 'string', 'propertyAlias': 'string', 'propertyValues': [ { 'value': { 'stringValue': 'string', 'integerValue': 'string', 'doubleValue': 'string', 'booleanValue': 'string' }, 'timestamp': { 'timeInSeconds': 'string', 'offsetInNanos': 'string' }, 'quality': 'string' }, ] }, ], 'roleArn': 'string' }, 'stepFunctions': { 'executionNamePrefix': 'string', 'stateMachineName': 'string', 'roleArn': 'string' }, 'timestream': { 'roleArn': 'string', 'databaseName': 'string', 'tableName': 'string', 'dimensions': [ { 'name': 'string', 'value': 'string' }, ], 'timestamp': { 'value': 'string', 'unit': 'string' } }, 'http': { 'url': 'string', 'confirmationUrl': 'string', 'headers': [ { 'key': 'string', 'value': 'string' }, ], 'auth': { 'sigv4': { 'signingRegion': 'string', 'serviceName': 'string', 'roleArn': 'string' } } }, 'kafka': { 'destinationArn': 'string', 'topic': 'string', 'key': 'string', 'partition': 'string', 'clientProperties': { 'string': 'string' }, 'headers': [ { 'key': 'string', 'value': 'string' }, ] }, 'openSearch': { 'roleArn': 'string', 'endpoint': 'string', 'index': 'string', 'type': 'string', 'id': 'string' }, 'location': { 'roleArn': 'string', 'trackerName': 'string', 'deviceId': 'string', 'timestamp': { 'value': 'string', 'unit': 'string' }, 'latitude': 'string', 'longitude': 'string' } } }, tags='string' ) Parameters: * **ruleName** (*string*) -- **[REQUIRED]** The name of the rule. * **topicRulePayload** (*dict*) -- **[REQUIRED]** The rule payload. * **sql** *(string) --* **[REQUIRED]** The SQL statement used to query the topic. For more information, see IoT SQL Reference in the *IoT Developer Guide*. * **description** *(string) --* The description of the rule. * **actions** *(list) --* **[REQUIRED]** The actions associated with the rule. * *(dict) --* Describes the actions associated with a rule. * **dynamoDB** *(dict) --* Write to a DynamoDB table. * **tableName** *(string) --* **[REQUIRED]** The name of the DynamoDB table. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the DynamoDB table. * **operation** *(string) --* The type of operation to be performed. This follows the substitution template, so it can be "${operation}", but the substitution must result in one of the following: "INSERT", "UPDATE", or "DELETE". * **hashKeyField** *(string) --* **[REQUIRED]** The hash key name. * **hashKeyValue** *(string) --* **[REQUIRED]** The hash key value. * **hashKeyType** *(string) --* The hash key type. Valid values are "STRING" or "NUMBER" * **rangeKeyField** *(string) --* The range key name. * **rangeKeyValue** *(string) --* The range key value. * **rangeKeyType** *(string) --* The range key type. Valid values are "STRING" or "NUMBER" * **payloadField** *(string) --* The action payload. This name can be customized. * **dynamoDBv2** *(dict) --* Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the DynamoDB table. * **putItem** *(dict) --* **[REQUIRED]** Specifies the DynamoDB table to which the message data will be written. For example: "{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my- role" "putItem": { "tableName": "my-table" } } }" Each attribute in the message payload will be written to a separate column in the DynamoDB database. * **tableName** *(string) --* **[REQUIRED]** The table where the message data will be written. * **lambda** *(dict) --* Invoke a Lambda function. * **functionArn** *(string) --* **[REQUIRED]** The ARN of the Lambda function. * **sns** *(dict) --* Publish to an Amazon SNS topic. * **targetArn** *(string) --* **[REQUIRED]** The ARN of the SNS topic. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **messageFormat** *(string) --* (Optional) The message format of the message to publish. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see https://docs.aws.amazon.com/sns/latest/dg /json-formats.html refer to their official documentation. * **sqs** *(dict) --* Publish to an Amazon SQS queue. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **queueUrl** *(string) --* **[REQUIRED]** The URL of the Amazon SQS queue. * **useBase64** *(boolean) --* Specifies whether to use Base64 encoding. * **kinesis** *(dict) --* Write data to an Amazon Kinesis stream. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the Amazon Kinesis stream. * **streamName** *(string) --* **[REQUIRED]** The name of the Amazon Kinesis stream. * **partitionKey** *(string) --* The partition key. * **republish** *(dict) --* Publish to another MQTT topic. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **topic** *(string) --* **[REQUIRED]** The name of the MQTT topic. * **qos** *(integer) --* The Quality of Service (QoS) level to use when republishing messages. The default value is 0. * **headers** *(dict) --* MQTT Version 5.0 headers information. For more information, see MQTT from the Amazon Web Services IoT Core Developer Guide. * **payloadFormatIndicator** *(string) --* An "Enum" string value that indicates whether the payload is formatted as UTF-8. Valid values are "UNSPECIFIED_BYTES" and "UTF8_DATA". For more information, see Payload Format Indicator from the MQTT Version 5.0 specification. Supports substitution templates. * **contentType** *(string) --* A UTF-8 encoded string that describes the content of the publishing message. For more information, see Content Type from the MQTT Version 5.0 specification. Supports substitution templates. * **responseTopic** *(string) --* A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic which the receiver should publish to as part of the request-response flow. The topic must not contain wildcard characters. For more information, see Response Topic from the MQTT Version 5.0 specification. Supports substitution templates. * **correlationData** *(string) --* The base64-encoded binary data used by the sender of the request message to identify which request the response message is for when it's received. For more information, see Correlation Data from the MQTT Version 5.0 specification. Note: This binary data must be based64-encoded. Supports substitution templates. * **messageExpiry** *(string) --* A user-defined integer value that will persist a message at the message broker for a specified amount of time to ensure that the message will expire if it's no longer relevant to the subscriber. The value of "messageExpiry" represents the number of seconds before it expires. For more information about the limits of "messageExpiry", see Amazon Web Services IoT Core message broker and protocol limits and quotas from the Amazon Web Services Reference Guide. Supports substitution templates. * **userProperties** *(list) --* An array of key-value pairs that you define in the MQTT5 header. * *(dict) --* A key-value pair that you define in the header. Both the key and the value are either literal strings or valid substitution templates. * **key** *(string) --* **[REQUIRED]** A key to be specified in "UserProperty". * **value** *(string) --* **[REQUIRED]** A value to be specified in "UserProperty". * **s3** *(dict) --* Write to an Amazon S3 bucket. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **bucketName** *(string) --* **[REQUIRED]** The Amazon S3 bucket. * **key** *(string) --* **[REQUIRED]** The object key. For more information, see Actions, resources, and condition keys for Amazon S3. * **cannedAcl** *(string) --* The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see S3 canned ACLs. * **firehose** *(dict) --* Write to an Amazon Kinesis Firehose stream. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that grants access to the Amazon Kinesis Firehose stream. * **deliveryStreamName** *(string) --* **[REQUIRED]** The delivery stream name. * **separator** *(string) --* A character separator that will be used to separate records written to the Firehose stream. Valid values are: 'n' (newline), 't' (tab), 'rn' (Windows newline), ',' (comma). * **batchMode** *(boolean) --* Whether to deliver the Kinesis Data Firehose stream as a batch by using PutRecordBatch. The default value is "false". When "batchMode" is "true" and the rule's SQL statement evaluates to an Array, each Array element forms one record in the PutRecordBatch request. The resulting array can't have more than 500 records. * **cloudwatchMetric** *(dict) --* Capture a CloudWatch metric. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch metric. * **metricNamespace** *(string) --* **[REQUIRED]** The CloudWatch metric namespace name. * **metricName** *(string) --* **[REQUIRED]** The CloudWatch metric name. * **metricValue** *(string) --* **[REQUIRED]** The CloudWatch metric value. * **metricUnit** *(string) --* **[REQUIRED]** The metric unit supported by CloudWatch. * **metricTimestamp** *(string) --* An optional Unix timestamp. * **cloudwatchAlarm** *(dict) --* Change the state of a CloudWatch alarm. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch alarm. * **alarmName** *(string) --* **[REQUIRED]** The CloudWatch alarm name. * **stateReason** *(string) --* **[REQUIRED]** The reason for the alarm change. * **stateValue** *(string) --* **[REQUIRED]** The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. * **cloudwatchLogs** *(dict) --* Send data to CloudWatch Logs. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch log. * **logGroupName** *(string) --* **[REQUIRED]** The CloudWatch log group to which the action sends data. * **batchMode** *(boolean) --* Indicates whether batches of log records will be extracted and uploaded into CloudWatch. Values include "true" or "false" *(default)*. * **elasticsearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. Note: The "Elasticsearch" action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the "OpenSearch" rule action instead. For more information, see OpenSearchAction. * **roleArn** *(string) --* **[REQUIRED]** The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* **[REQUIRED]** The endpoint of your OpenSearch domain. * **index** *(string) --* **[REQUIRED]** The index where you want to store your data. * **type** *(string) --* **[REQUIRED]** The type of document you are storing. * **id** *(string) --* **[REQUIRED]** The unique identifier for the document you are storing. * **salesforce** *(dict) --* Send a message to a Salesforce IoT Cloud Input Stream. * **token** *(string) --* **[REQUIRED]** The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **url** *(string) --* **[REQUIRED]** The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **iotAnalytics** *(dict) --* Sends message data to an IoT Analytics channel. * **channelArn** *(string) --* (deprecated) The ARN of the IoT Analytics channel to which message data will be sent. * **channelName** *(string) --* The name of the IoT Analytics channel to which message data will be sent. * **batchMode** *(boolean) --* Whether to process the action as a batch. The default value is "false". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by BatchPutMessage to the IoT Analytics channel. The resulting array can't have more than 100 messages. * **roleArn** *(string) --* The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage). * **iotEvents** *(dict) --* Sends an input to an IoT Events detector. * **inputName** *(string) --* **[REQUIRED]** The name of the IoT Events input. * **messageId** *(string) --* The ID of the message. The default "messageId" is a new UUID value. When "batchMode" is "true", you can't specify a "messageId"--a new UUID value will be assigned. Assign a value to this property to ensure that only one input (message) with a given "messageId" will be processed by an IoT Events detector. * **batchMode** *(boolean) --* Whether to process the event actions as a batch. The default value is "false". When "batchMode" is "true", you can't specify a "messageId". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when it's sent to IoT Events by calling BatchPutMessage. The resulting array can't have more than 10 messages. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to send an input to an IoT Events detector. ("Action":"iotevents:BatchPutMessage"). * **iotSiteWise** *(dict) --* Sends data from the MQTT message that triggered the rule to IoT SiteWise asset properties. * **putAssetPropertyValueEntries** *(list) --* **[REQUIRED]** A list of asset property value entries. * *(dict) --* An asset property value entry containing the following information. * **entryId** *(string) --* Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID. * **assetId** *(string) --* The ID of the IoT SiteWise asset. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyId** *(string) --* The ID of the asset's property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyAlias** *(string) --* The name of the property alias associated with your asset property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyValues** *(list) --* **[REQUIRED]** A list of property values to insert that each contain timestamp, quality, and value (TQV) information. * *(dict) --* An asset property value entry containing the following information. * **value** *(dict) --* **[REQUIRED]** The value of the asset property. * **stringValue** *(string) --* Optional. The string value of the value entry. Accepts substitution templates. * **integerValue** *(string) --* Optional. A string that contains the integer value of the value entry. Accepts substitution templates. * **doubleValue** *(string) --* Optional. A string that contains the double value of the value entry. Accepts substitution templates. * **booleanValue** *(string) --* Optional. A string that contains the boolean value ( "true" or "false") of the value entry. Accepts substitution templates. * **timestamp** *(dict) --* **[REQUIRED]** The asset property value timestamp. * **timeInSeconds** *(string) --* **[REQUIRED]** A string that contains the time in seconds since epoch. Accepts substitution templates. * **offsetInNanos** *(string) --* Optional. A string that contains the nanosecond time offset. Accepts substitution templates. * **quality** *(string) --* Optional. A string that describes the quality of the value. Accepts substitution templates. Must be "GOOD", "BAD", or "UNCERTAIN". * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to send an asset property value to IoT SiteWise. ( ""Action": "iotsitewise:BatchPutAssetPropertyValue""). The trust policy can restrict access to specific asset hierarchy paths. * **stepFunctions** *(dict) --* Starts execution of a Step Functions state machine. * **executionNamePrefix** *(string) --* (Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided. * **stateMachineName** *(string) --* **[REQUIRED]** The name of the Step Functions state machine whose execution will be started. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to start execution of a state machine ("Action":"states:StartExecution"). * **timestream** *(dict) --* The Timestream rule action writes attributes (measures) from an MQTT message into an Amazon Timestream table. For more information, see the Timestream topic rule action documentation. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants permission to write to the Amazon Timestream database table. * **databaseName** *(string) --* **[REQUIRED]** The name of an Amazon Timestream database. * **tableName** *(string) --* **[REQUIRED]** The name of the database table into which to write the measure records. * **dimensions** *(list) --* **[REQUIRED]** Metadata attributes of the time series that are written in each measure record. * *(dict) --* Metadata attributes of the time series that are written in each measure record. * **name** *(string) --* **[REQUIRED]** The metadata dimension name. This is the name of the column in the Amazon Timestream database table record. Dimensions cannot be named: "measure_name", "measure_value", or "time". These names are reserved. Dimension names cannot start with "ts_" or "measure_value" and they cannot contain the colon ( ":") character. * **value** *(string) --* **[REQUIRED]** The value to write in this column of the database record. * **timestamp** *(dict) --* Specifies an application-defined value to replace the default value assigned to the Timestream record's timestamp in the "time" column. You can use this property to specify the value and the precision of the Timestream record's timestamp. You can specify a value from the message payload or a value computed by a substitution template. If omitted, the topic rule action assigns the timestamp, in milliseconds, at the time it processed the rule. * **value** *(string) --* **[REQUIRED]** An expression that returns a long epoch time value. * **unit** *(string) --* **[REQUIRED]** The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **http** *(dict) --* Send data to an HTTPS endpoint. * **url** *(string) --* **[REQUIRED]** The endpoint URL. If substitution templates are used in the URL, you must also specify a "confirmationUrl". If this is a new destination, a new "TopicRuleDestination" is created if possible. * **confirmationUrl** *(string) --* The URL to which IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL. * **headers** *(list) --* The HTTP headers to send with the message data. * *(dict) --* The HTTP action header. * **key** *(string) --* **[REQUIRED]** The HTTP header key. * **value** *(string) --* **[REQUIRED]** The HTTP header value. Substitution templates are supported. * **auth** *(dict) --* The authentication method to use when sending data to an HTTPS endpoint. * **sigv4** *(dict) --* Use Sig V4 authorization. For more information, see Signature Version 4 Signing Process. * **signingRegion** *(string) --* **[REQUIRED]** The signing region. * **serviceName** *(string) --* **[REQUIRED]** The service name to use while signing with Sig V4. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the signing role. * **kafka** *(dict) --* Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster. * **destinationArn** *(string) --* **[REQUIRED]** The ARN of Kafka action's VPC "TopicRuleDestination". * **topic** *(string) --* **[REQUIRED]** The Kafka topic for messages to be sent to the Kafka broker. * **key** *(string) --* The Kafka message key. * **partition** *(string) --* The Kafka message partition. * **clientProperties** *(dict) --* **[REQUIRED]** Properties of the Apache Kafka producer client. * *(string) --* * *(string) --* * **headers** *(list) --* The list of Kafka headers that you specify. * *(dict) --* Specifies a Kafka header using key-value pairs when you create a Rule’s Kafka Action. You can use these headers to route data from IoT clients to downstream Kafka clusters without modifying your message payload. For more information about Rule's Kafka action, see Apache Kafka. * **key** *(string) --* **[REQUIRED]** The key of the Kafka header. * **value** *(string) --* **[REQUIRED]** The value of the Kafka header. * **openSearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. * **roleArn** *(string) --* **[REQUIRED]** The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* **[REQUIRED]** The endpoint of your OpenSearch domain. * **index** *(string) --* **[REQUIRED]** The OpenSearch index where you want to store your data. * **type** *(string) --* **[REQUIRED]** The type of document you are storing. * **id** *(string) --* **[REQUIRED]** The unique identifier for the document you are storing. * **location** *(dict) --* The Amazon Location Service rule action sends device location updates from an MQTT message to an Amazon Location tracker resource. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that grants permission to write to the Amazon Location resource. * **trackerName** *(string) --* **[REQUIRED]** The name of the tracker resource in Amazon Location in which the location is updated. * **deviceId** *(string) --* **[REQUIRED]** The unique ID of the device providing the location data. * **timestamp** *(dict) --* The time that the location data was sampled. The default value is the time the MQTT message was processed. * **value** *(string) --* **[REQUIRED]** An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **latitude** *(string) --* **[REQUIRED]** A string that evaluates to a double value that represents the latitude of the device's location. * **longitude** *(string) --* **[REQUIRED]** A string that evaluates to a double value that represents the longitude of the device's location. * **ruleDisabled** *(boolean) --* Specifies whether the rule is disabled. * **awsIotSqlVersion** *(string) --* The version of the SQL rules engine to use when evaluating the rule. * **errorAction** *(dict) --* The action to take when an error occurs. * **dynamoDB** *(dict) --* Write to a DynamoDB table. * **tableName** *(string) --* **[REQUIRED]** The name of the DynamoDB table. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the DynamoDB table. * **operation** *(string) --* The type of operation to be performed. This follows the substitution template, so it can be "${operation}", but the substitution must result in one of the following: "INSERT", "UPDATE", or "DELETE". * **hashKeyField** *(string) --* **[REQUIRED]** The hash key name. * **hashKeyValue** *(string) --* **[REQUIRED]** The hash key value. * **hashKeyType** *(string) --* The hash key type. Valid values are "STRING" or "NUMBER" * **rangeKeyField** *(string) --* The range key name. * **rangeKeyValue** *(string) --* The range key value. * **rangeKeyType** *(string) --* The range key type. Valid values are "STRING" or "NUMBER" * **payloadField** *(string) --* The action payload. This name can be customized. * **dynamoDBv2** *(dict) --* Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the DynamoDB table. * **putItem** *(dict) --* **[REQUIRED]** Specifies the DynamoDB table to which the message data will be written. For example: "{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my-role" "putItem": { "tableName": "my-table" } } }" Each attribute in the message payload will be written to a separate column in the DynamoDB database. * **tableName** *(string) --* **[REQUIRED]** The table where the message data will be written. * **lambda** *(dict) --* Invoke a Lambda function. * **functionArn** *(string) --* **[REQUIRED]** The ARN of the Lambda function. * **sns** *(dict) --* Publish to an Amazon SNS topic. * **targetArn** *(string) --* **[REQUIRED]** The ARN of the SNS topic. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **messageFormat** *(string) --* (Optional) The message format of the message to publish. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. To read more about SNS message formats, see https://docs.aws.amazon.com/sns/latest/dg/json- formats.html refer to their official documentation. * **sqs** *(dict) --* Publish to an Amazon SQS queue. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **queueUrl** *(string) --* **[REQUIRED]** The URL of the Amazon SQS queue. * **useBase64** *(boolean) --* Specifies whether to use Base64 encoding. * **kinesis** *(dict) --* Write data to an Amazon Kinesis stream. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access to the Amazon Kinesis stream. * **streamName** *(string) --* **[REQUIRED]** The name of the Amazon Kinesis stream. * **partitionKey** *(string) --* The partition key. * **republish** *(dict) --* Publish to another MQTT topic. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **topic** *(string) --* **[REQUIRED]** The name of the MQTT topic. * **qos** *(integer) --* The Quality of Service (QoS) level to use when republishing messages. The default value is 0. * **headers** *(dict) --* MQTT Version 5.0 headers information. For more information, see MQTT from the Amazon Web Services IoT Core Developer Guide. * **payloadFormatIndicator** *(string) --* An "Enum" string value that indicates whether the payload is formatted as UTF-8. Valid values are "UNSPECIFIED_BYTES" and "UTF8_DATA". For more information, see Payload Format Indicator from the MQTT Version 5.0 specification. Supports substitution templates. * **contentType** *(string) --* A UTF-8 encoded string that describes the content of the publishing message. For more information, see Content Type from the MQTT Version 5.0 specification. Supports substitution templates. * **responseTopic** *(string) --* A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic which the receiver should publish to as part of the request-response flow. The topic must not contain wildcard characters. For more information, see Response Topic from the MQTT Version 5.0 specification. Supports substitution templates. * **correlationData** *(string) --* The base64-encoded binary data used by the sender of the request message to identify which request the response message is for when it's received. For more information, see Correlation Data from the MQTT Version 5.0 specification. Note: This binary data must be based64-encoded. Supports substitution templates. * **messageExpiry** *(string) --* A user-defined integer value that will persist a message at the message broker for a specified amount of time to ensure that the message will expire if it's no longer relevant to the subscriber. The value of "messageExpiry" represents the number of seconds before it expires. For more information about the limits of "messageExpiry", see Amazon Web Services IoT Core message broker and protocol limits and quotas from the Amazon Web Services Reference Guide. Supports substitution templates. * **userProperties** *(list) --* An array of key-value pairs that you define in the MQTT5 header. * *(dict) --* A key-value pair that you define in the header. Both the key and the value are either literal strings or valid substitution templates. * **key** *(string) --* **[REQUIRED]** A key to be specified in "UserProperty". * **value** *(string) --* **[REQUIRED]** A value to be specified in "UserProperty". * **s3** *(dict) --* Write to an Amazon S3 bucket. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the IAM role that grants access. * **bucketName** *(string) --* **[REQUIRED]** The Amazon S3 bucket. * **key** *(string) --* **[REQUIRED]** The object key. For more information, see Actions, resources, and condition keys for Amazon S3. * **cannedAcl** *(string) --* The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see S3 canned ACLs. * **firehose** *(dict) --* Write to an Amazon Kinesis Firehose stream. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that grants access to the Amazon Kinesis Firehose stream. * **deliveryStreamName** *(string) --* **[REQUIRED]** The delivery stream name. * **separator** *(string) --* A character separator that will be used to separate records written to the Firehose stream. Valid values are: 'n' (newline), 't' (tab), 'rn' (Windows newline), ',' (comma). * **batchMode** *(boolean) --* Whether to deliver the Kinesis Data Firehose stream as a batch by using PutRecordBatch. The default value is "false". When "batchMode" is "true" and the rule's SQL statement evaluates to an Array, each Array element forms one record in the PutRecordBatch request. The resulting array can't have more than 500 records. * **cloudwatchMetric** *(dict) --* Capture a CloudWatch metric. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch metric. * **metricNamespace** *(string) --* **[REQUIRED]** The CloudWatch metric namespace name. * **metricName** *(string) --* **[REQUIRED]** The CloudWatch metric name. * **metricValue** *(string) --* **[REQUIRED]** The CloudWatch metric value. * **metricUnit** *(string) --* **[REQUIRED]** The metric unit supported by CloudWatch. * **metricTimestamp** *(string) --* An optional Unix timestamp. * **cloudwatchAlarm** *(dict) --* Change the state of a CloudWatch alarm. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch alarm. * **alarmName** *(string) --* **[REQUIRED]** The CloudWatch alarm name. * **stateReason** *(string) --* **[REQUIRED]** The reason for the alarm change. * **stateValue** *(string) --* **[REQUIRED]** The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. * **cloudwatchLogs** *(dict) --* Send data to CloudWatch Logs. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that allows access to the CloudWatch log. * **logGroupName** *(string) --* **[REQUIRED]** The CloudWatch log group to which the action sends data. * **batchMode** *(boolean) --* Indicates whether batches of log records will be extracted and uploaded into CloudWatch. Values include "true" or "false" *(default)*. * **elasticsearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. Note: The "Elasticsearch" action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the "OpenSearch" rule action instead. For more information, see OpenSearchAction. * **roleArn** *(string) --* **[REQUIRED]** The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* **[REQUIRED]** The endpoint of your OpenSearch domain. * **index** *(string) --* **[REQUIRED]** The index where you want to store your data. * **type** *(string) --* **[REQUIRED]** The type of document you are storing. * **id** *(string) --* **[REQUIRED]** The unique identifier for the document you are storing. * **salesforce** *(dict) --* Send a message to a Salesforce IoT Cloud Input Stream. * **token** *(string) --* **[REQUIRED]** The token used to authenticate access to the Salesforce IoT Cloud Input Stream. The token is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **url** *(string) --* **[REQUIRED]** The URL exposed by the Salesforce IoT Cloud Input Stream. The URL is available from the Salesforce IoT Cloud platform after creation of the Input Stream. * **iotAnalytics** *(dict) --* Sends message data to an IoT Analytics channel. * **channelArn** *(string) --* (deprecated) The ARN of the IoT Analytics channel to which message data will be sent. * **channelName** *(string) --* The name of the IoT Analytics channel to which message data will be sent. * **batchMode** *(boolean) --* Whether to process the action as a batch. The default value is "false". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by BatchPutMessage to the IoT Analytics channel. The resulting array can't have more than 100 messages. * **roleArn** *(string) --* The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage). * **iotEvents** *(dict) --* Sends an input to an IoT Events detector. * **inputName** *(string) --* **[REQUIRED]** The name of the IoT Events input. * **messageId** *(string) --* The ID of the message. The default "messageId" is a new UUID value. When "batchMode" is "true", you can't specify a "messageId"--a new UUID value will be assigned. Assign a value to this property to ensure that only one input (message) with a given "messageId" will be processed by an IoT Events detector. * **batchMode** *(boolean) --* Whether to process the event actions as a batch. The default value is "false". When "batchMode" is "true", you can't specify a "messageId". When "batchMode" is "true" and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when it's sent to IoT Events by calling BatchPutMessage. The resulting array can't have more than 10 messages. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to send an input to an IoT Events detector. ("Action":"iotevents:BatchPutMessage"). * **iotSiteWise** *(dict) --* Sends data from the MQTT message that triggered the rule to IoT SiteWise asset properties. * **putAssetPropertyValueEntries** *(list) --* **[REQUIRED]** A list of asset property value entries. * *(dict) --* An asset property value entry containing the following information. * **entryId** *(string) --* Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID. * **assetId** *(string) --* The ID of the IoT SiteWise asset. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyId** *(string) --* The ID of the asset's property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyAlias** *(string) --* The name of the property alias associated with your asset property. You must specify either a "propertyAlias" or both an "aliasId" and a "propertyId". Accepts substitution templates. * **propertyValues** *(list) --* **[REQUIRED]** A list of property values to insert that each contain timestamp, quality, and value (TQV) information. * *(dict) --* An asset property value entry containing the following information. * **value** *(dict) --* **[REQUIRED]** The value of the asset property. * **stringValue** *(string) --* Optional. The string value of the value entry. Accepts substitution templates. * **integerValue** *(string) --* Optional. A string that contains the integer value of the value entry. Accepts substitution templates. * **doubleValue** *(string) --* Optional. A string that contains the double value of the value entry. Accepts substitution templates. * **booleanValue** *(string) --* Optional. A string that contains the boolean value ( "true" or "false") of the value entry. Accepts substitution templates. * **timestamp** *(dict) --* **[REQUIRED]** The asset property value timestamp. * **timeInSeconds** *(string) --* **[REQUIRED]** A string that contains the time in seconds since epoch. Accepts substitution templates. * **offsetInNanos** *(string) --* Optional. A string that contains the nanosecond time offset. Accepts substitution templates. * **quality** *(string) --* Optional. A string that describes the quality of the value. Accepts substitution templates. Must be "GOOD", "BAD", or "UNCERTAIN". * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to send an asset property value to IoT SiteWise. ( ""Action": "iotsitewise:BatchPutAssetPropertyValue""). The trust policy can restrict access to specific asset hierarchy paths. * **stepFunctions** *(dict) --* Starts execution of a Step Functions state machine. * **executionNamePrefix** *(string) --* (Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided. * **stateMachineName** *(string) --* **[REQUIRED]** The name of the Step Functions state machine whose execution will be started. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants IoT permission to start execution of a state machine ("Action":"states:StartExecution"). * **timestream** *(dict) --* The Timestream rule action writes attributes (measures) from an MQTT message into an Amazon Timestream table. For more information, see the Timestream topic rule action documentation. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the role that grants permission to write to the Amazon Timestream database table. * **databaseName** *(string) --* **[REQUIRED]** The name of an Amazon Timestream database. * **tableName** *(string) --* **[REQUIRED]** The name of the database table into which to write the measure records. * **dimensions** *(list) --* **[REQUIRED]** Metadata attributes of the time series that are written in each measure record. * *(dict) --* Metadata attributes of the time series that are written in each measure record. * **name** *(string) --* **[REQUIRED]** The metadata dimension name. This is the name of the column in the Amazon Timestream database table record. Dimensions cannot be named: "measure_name", "measure_value", or "time". These names are reserved. Dimension names cannot start with "ts_" or "measure_value" and they cannot contain the colon ( ":") character. * **value** *(string) --* **[REQUIRED]** The value to write in this column of the database record. * **timestamp** *(dict) --* Specifies an application-defined value to replace the default value assigned to the Timestream record's timestamp in the "time" column. You can use this property to specify the value and the precision of the Timestream record's timestamp. You can specify a value from the message payload or a value computed by a substitution template. If omitted, the topic rule action assigns the timestamp, in milliseconds, at the time it processed the rule. * **value** *(string) --* **[REQUIRED]** An expression that returns a long epoch time value. * **unit** *(string) --* **[REQUIRED]** The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **http** *(dict) --* Send data to an HTTPS endpoint. * **url** *(string) --* **[REQUIRED]** The endpoint URL. If substitution templates are used in the URL, you must also specify a "confirmationUrl". If this is a new destination, a new "TopicRuleDestination" is created if possible. * **confirmationUrl** *(string) --* The URL to which IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL. * **headers** *(list) --* The HTTP headers to send with the message data. * *(dict) --* The HTTP action header. * **key** *(string) --* **[REQUIRED]** The HTTP header key. * **value** *(string) --* **[REQUIRED]** The HTTP header value. Substitution templates are supported. * **auth** *(dict) --* The authentication method to use when sending data to an HTTPS endpoint. * **sigv4** *(dict) --* Use Sig V4 authorization. For more information, see Signature Version 4 Signing Process. * **signingRegion** *(string) --* **[REQUIRED]** The signing region. * **serviceName** *(string) --* **[REQUIRED]** The service name to use while signing with Sig V4. * **roleArn** *(string) --* **[REQUIRED]** The ARN of the signing role. * **kafka** *(dict) --* Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster. * **destinationArn** *(string) --* **[REQUIRED]** The ARN of Kafka action's VPC "TopicRuleDestination". * **topic** *(string) --* **[REQUIRED]** The Kafka topic for messages to be sent to the Kafka broker. * **key** *(string) --* The Kafka message key. * **partition** *(string) --* The Kafka message partition. * **clientProperties** *(dict) --* **[REQUIRED]** Properties of the Apache Kafka producer client. * *(string) --* * *(string) --* * **headers** *(list) --* The list of Kafka headers that you specify. * *(dict) --* Specifies a Kafka header using key-value pairs when you create a Rule’s Kafka Action. You can use these headers to route data from IoT clients to downstream Kafka clusters without modifying your message payload. For more information about Rule's Kafka action, see Apache Kafka. * **key** *(string) --* **[REQUIRED]** The key of the Kafka header. * **value** *(string) --* **[REQUIRED]** The value of the Kafka header. * **openSearch** *(dict) --* Write data to an Amazon OpenSearch Service domain. * **roleArn** *(string) --* **[REQUIRED]** The IAM role ARN that has access to OpenSearch. * **endpoint** *(string) --* **[REQUIRED]** The endpoint of your OpenSearch domain. * **index** *(string) --* **[REQUIRED]** The OpenSearch index where you want to store your data. * **type** *(string) --* **[REQUIRED]** The type of document you are storing. * **id** *(string) --* **[REQUIRED]** The unique identifier for the document you are storing. * **location** *(dict) --* The Amazon Location Service rule action sends device location updates from an MQTT message to an Amazon Location tracker resource. * **roleArn** *(string) --* **[REQUIRED]** The IAM role that grants permission to write to the Amazon Location resource. * **trackerName** *(string) --* **[REQUIRED]** The name of the tracker resource in Amazon Location in which the location is updated. * **deviceId** *(string) --* **[REQUIRED]** The unique ID of the device providing the location data. * **timestamp** *(dict) --* The time that the location data was sampled. The default value is the time the MQTT message was processed. * **value** *(string) --* **[REQUIRED]** An expression that returns a long epoch time value. * **unit** *(string) --* The precision of the timestamp value that results from the expression described in "value". Valid values: "SECONDS" | "MILLISECONDS" | "MICROSECONDS" | "NANOSECONDS". The default is "MILLISECONDS". * **latitude** *(string) --* **[REQUIRED]** A string that evaluates to a double value that represents the latitude of the device's location. * **longitude** *(string) --* **[REQUIRED]** A string that evaluates to a double value that represents the longitude of the device's location. * **tags** (*string*) -- Metadata which can be used to manage the topic rule. Note: For URI Request parameters use format: ...key1=value1&key2=value2...For the CLI command-line parameter use format: --tags "key1=value1&key2=value2..."For the cli-input-json file use format: "tags": "key1=value1&key2=value2..." Returns: None **Exceptions** * "IoT.Client.exceptions.SqlParseException" * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / list_targets_for_security_profile list_targets_for_security_profile ********************************* IoT.Client.list_targets_for_security_profile(**kwargs) Lists the targets (thing groups) associated with a given Device Defender security profile. Requires permission to access the ListTargetsForSecurityProfile action. See also: AWS API Documentation **Request Syntax** response = client.list_targets_for_security_profile( securityProfileName='string', nextToken='string', maxResults=123 ) Parameters: * **securityProfileName** (*string*) -- **[REQUIRED]** The security profile. * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. Return type: dict Returns: **Response Syntax** { 'securityProfileTargets': [ { 'arn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **securityProfileTargets** *(list) --* The thing groups to which the security profile is attached. * *(dict) --* A target to which an alert is sent when a security profile behavior is violated. * **arn** *(string) --* The ARN of the security profile. * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / validate_security_profile_behaviors validate_security_profile_behaviors *********************************** IoT.Client.validate_security_profile_behaviors(**kwargs) Validates a Device Defender security profile behaviors specification. Requires permission to access the ValidateSecurityProfileBehaviors action. See also: AWS API Documentation **Request Syntax** response = client.validate_security_profile_behaviors( behaviors=[ { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, ] ) Parameters: **behaviors** (*list*) -- **[REQUIRED]** Specifies the behaviors that, when violated by a device (thing), cause an alert. * *(dict) --* A Device Defender security profile behavior. * **name** *(string) --* **[REQUIRED]** The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* **[REQUIRED]** A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr-set" * "number": "less-than", "less-than-equals", "greater- than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* **[REQUIRED]** The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. Return type: dict Returns: **Response Syntax** { 'valid': True|False, 'validationErrors': [ { 'errorMessage': 'string' }, ] } **Response Structure** * *(dict) --* * **valid** *(boolean) --* True if the behaviors were valid. * **validationErrors** *(list) --* The list of any errors found in the behaviors. * *(dict) --* Information about an error found in a behavior specification. * **errorMessage** *(string) --* The description of an error found in the behaviors. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / create_certificate_from_csr create_certificate_from_csr *************************** IoT.Client.create_certificate_from_csr(**kwargs) Creates an X.509 certificate using the specified certificate signing request. Requires permission to access the CreateCertificateFromCsr action. Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256, NIST P-384, or NIST P-521 curves. For supported certificates, consult Certificate signing algorithms supported by IoT. Note: Reusing the same certificate signing request (CSR) results in a distinct certificate. You can create multiple certificates in a batch by creating a directory, copying multiple ".csr" files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs. In the following commands, we assume that a set of CSRs are located inside of the directory my-csr-directory: On Linux and OS X, the command is: "$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate- from-csr --certificate-signing-request file://my-csr-directory/{}" This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the "aws iot create-certificate-from-csr" Amazon Web Services CLI command to create a certificate for the corresponding CSR. You can also run the "aws iot create-certificate-from-csr" part of the command in parallel to speed up the certificate creation process: "$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create- certificate-from-csr --certificate-signing-request file://my-csr- directory/{}" On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is: "> ls -Name my-csr-directory | %{aws iot create-certificate-from- csr --certificate-signing-request file://my-csr-directory/$_}" On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is: "> forfiles /p my-csr-directory /c "cmd /c aws iot create- certificate-from-csr --certificate-signing-request file://@path"" See also: AWS API Documentation **Request Syntax** response = client.create_certificate_from_csr( certificateSigningRequest='string', setAsActive=True|False ) Parameters: * **certificateSigningRequest** (*string*) -- **[REQUIRED]** The certificate signing request (CSR). * **setAsActive** (*boolean*) -- Specifies whether the certificate is active. Return type: dict Returns: **Response Syntax** { 'certificateArn': 'string', 'certificateId': 'string', 'certificatePem': 'string' } **Response Structure** * *(dict) --* The output from the CreateCertificateFromCsr operation. * **certificateArn** *(string) --* The Amazon Resource Name (ARN) of the certificate. You can use the ARN as a principal for policy operations. * **certificateId** *(string) --* The ID of the certificate. Certificate management operations only take a certificateId. * **certificatePem** *(string) --* The certificate data, in PEM format. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / untag_resource untag_resource ************** IoT.Client.untag_resource(**kwargs) Removes the given tags (metadata) from the resource. Requires permission to access the UntagResource action. See also: AWS API Documentation **Request Syntax** response = client.untag_resource( resourceArn='string', tagKeys=[ 'string', ] ) Parameters: * **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the resource. * **tagKeys** (*list*) -- **[REQUIRED]** A list of the keys of the tags to be removed from the resource. * *(string) --* Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / delete_mitigation_action delete_mitigation_action ************************ IoT.Client.delete_mitigation_action(**kwargs) Deletes a defined mitigation action from your Amazon Web Services accounts. Requires permission to access the DeleteMitigationAction action. See also: AWS API Documentation **Request Syntax** response = client.delete_mitigation_action( actionName='string' ) Parameters: **actionName** (*string*) -- **[REQUIRED]** The name of the mitigation action that you want to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_certificate_provider describe_certificate_provider ***************************** IoT.Client.describe_certificate_provider(**kwargs) Describes a certificate provider. Requires permission to access the DescribeCertificateProvider action. See also: AWS API Documentation **Request Syntax** response = client.describe_certificate_provider( certificateProviderName='string' ) Parameters: **certificateProviderName** (*string*) -- **[REQUIRED]** The name of the certificate provider. Return type: dict Returns: **Response Syntax** { 'certificateProviderName': 'string', 'certificateProviderArn': 'string', 'lambdaFunctionArn': 'string', 'accountDefaultForOperations': [ 'CreateCertificateFromCsr', ], 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **certificateProviderName** *(string) --* The name of the certificate provider. * **certificateProviderArn** *(string) --* The ARN of the certificate provider. * **lambdaFunctionArn** *(string) --* The Lambda function ARN that's associated with the certificate provider. * **accountDefaultForOperations** *(list) --* A list of the operations that the certificate provider will use to generate certificates. Valid value: "CreateCertificateFromCsr". * *(string) --* * **creationDate** *(datetime) --* The date-time string that indicates when the certificate provider was created. * **lastModifiedDate** *(datetime) --* The date-time string that indicates when the certificate provider was last updated. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / set_default_authorizer set_default_authorizer ********************** IoT.Client.set_default_authorizer(**kwargs) Sets the default authorizer. This will be used if a websocket connection is made without specifying an authorizer. Requires permission to access the SetDefaultAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.set_default_authorizer( authorizerName='string' ) Parameters: **authorizerName** (*string*) -- **[REQUIRED]** The authorizer name. Return type: dict Returns: **Response Syntax** { 'authorizerName': 'string', 'authorizerArn': 'string' } **Response Structure** * *(dict) --* * **authorizerName** *(string) --* The authorizer name. * **authorizerArn** *(string) --* The authorizer ARN. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" IoT / Client / get_ota_update get_ota_update ************** IoT.Client.get_ota_update(**kwargs) Gets an OTA update. Requires permission to access the GetOTAUpdate action. See also: AWS API Documentation **Request Syntax** response = client.get_ota_update( otaUpdateId='string' ) Parameters: **otaUpdateId** (*string*) -- **[REQUIRED]** The OTA update ID. Return type: dict Returns: **Response Syntax** { 'otaUpdateInfo': { 'otaUpdateId': 'string', 'otaUpdateArn': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'description': 'string', 'targets': [ 'string', ], 'protocols': [ 'MQTT'|'HTTP', ], 'awsJobExecutionsRolloutConfig': { 'maximumPerMinute': 123, 'exponentialRate': { 'baseRatePerMinute': 123, 'incrementFactor': 123.0, 'rateIncreaseCriteria': { 'numberOfNotifiedThings': 123, 'numberOfSucceededThings': 123 } } }, 'awsJobPresignedUrlConfig': { 'expiresInSec': 123 }, 'targetSelection': 'CONTINUOUS'|'SNAPSHOT', 'otaUpdateFiles': [ { 'fileName': 'string', 'fileType': 123, 'fileVersion': 'string', 'fileLocation': { 'stream': { 'streamId': 'string', 'fileId': 123 }, 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, 'codeSigning': { 'awsSignerJobId': 'string', 'startSigningJobParameter': { 'signingProfileParameter': { 'certificateArn': 'string', 'platform': 'string', 'certificatePathOnDevice': 'string' }, 'signingProfileName': 'string', 'destination': { 's3Destination': { 'bucket': 'string', 'prefix': 'string' } } }, 'customCodeSigning': { 'signature': { 'inlineDocument': b'bytes' }, 'certificateChain': { 'certificateName': 'string', 'inlineDocument': 'string' }, 'hashAlgorithm': 'string', 'signatureAlgorithm': 'string' } }, 'attributes': { 'string': 'string' } }, ], 'otaUpdateStatus': 'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_COMPLETE'|'CREATE_FAILED'|'DELETE_IN_PROGRESS'|'DELETE_FAILED', 'awsIotJobId': 'string', 'awsIotJobArn': 'string', 'errorInfo': { 'code': 'string', 'message': 'string' }, 'additionalParameters': { 'string': 'string' } } } **Response Structure** * *(dict) --* * **otaUpdateInfo** *(dict) --* The OTA update info. * **otaUpdateId** *(string) --* The OTA update ID. * **otaUpdateArn** *(string) --* The OTA update ARN. * **creationDate** *(datetime) --* The date when the OTA update was created. * **lastModifiedDate** *(datetime) --* The date when the OTA update was last updated. * **description** *(string) --* A description of the OTA update. * **targets** *(list) --* The targets of the OTA update. * *(string) --* * **protocols** *(list) --* The protocol used to transfer the OTA update image. Valid values are [HTTP], [MQTT], [HTTP, MQTT]. When both HTTP and MQTT are specified, the target device can choose the protocol. * *(string) --* * **awsJobExecutionsRolloutConfig** *(dict) --* Configuration for the rollout of OTA updates. * **maximumPerMinute** *(integer) --* The maximum number of OTA update job executions started per minute. * **exponentialRate** *(dict) --* The rate of increase for a job rollout. This parameter allows you to define an exponential rate increase for a job rollout. * **baseRatePerMinute** *(integer) --* The minimum number of things that will be notified of a pending job, per minute, at the start of the job rollout. This is the initial rate of the rollout. * **incrementFactor** *(float) --* The rate of increase for a job rollout. The number of things notified is multiplied by this factor. * **rateIncreaseCriteria** *(dict) --* The criteria to initiate the increase in rate of rollout for a job. Amazon Web Services IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55). * **numberOfNotifiedThings** *(integer) --* When this number of things have been notified, it will initiate an increase in the rollout rate. * **numberOfSucceededThings** *(integer) --* When this number of things have succeeded in their job execution, it will initiate an increase in the rollout rate. * **awsJobPresignedUrlConfig** *(dict) --* Configuration information for pre-signed URLs. Valid when "protocols" contains HTTP. * **expiresInSec** *(integer) --* How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 1800 seconds. Pre-signed URLs are generated when a request for the job document is received. * **targetSelection** *(string) --* Specifies whether the OTA update will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the OTA update (SNAPSHOT). If continuous, the OTA update may also be run on a thing when a change is detected in a target. For example, an OTA update will run on a thing when the thing is added to a target group, even after the OTA update was completed by all things originally in the group. * **otaUpdateFiles** *(list) --* A list of files associated with the OTA update. * *(dict) --* Describes a file to be associated with an OTA update. * **fileName** *(string) --* The name of the file. * **fileType** *(integer) --* An integer value you can include in the job document to allow your devices to identify the type of file received from the cloud. * **fileVersion** *(string) --* The file version. * **fileLocation** *(dict) --* The location of the updated firmware. * **stream** *(dict) --* The stream that contains the OTA update. * **streamId** *(string) --* The stream ID. * **fileId** *(integer) --* The ID of a file associated with a stream. * **s3Location** *(dict) --* The location of the updated firmware in S3. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **codeSigning** *(dict) --* The code signing method of the file. * **awsSignerJobId** *(string) --* The ID of the "AWSSignerJob" which was created to sign the file. * **startSigningJobParameter** *(dict) --* Describes the code-signing job. * **signingProfileParameter** *(dict) --* Describes the code-signing profile. * **certificateArn** *(string) --* Certificate ARN. * **platform** *(string) --* The hardware platform of your device. * **certificatePathOnDevice** *(string) --* The location of the code-signing certificate on your device. * **signingProfileName** *(string) --* The code-signing profile name. * **destination** *(dict) --* The location to write the code-signed file. * **s3Destination** *(dict) --* Describes the location in S3 of the updated firmware. * **bucket** *(string) --* The S3 bucket that contains the updated firmware. * **prefix** *(string) --* The S3 prefix. * **customCodeSigning** *(dict) --* A custom method for code signing a file. * **signature** *(dict) --* The signature for the file. * **inlineDocument** *(bytes) --* A base64 encoded binary representation of the code signing signature. * **certificateChain** *(dict) --* The certificate chain. * **certificateName** *(string) --* The name of the certificate. * **inlineDocument** *(string) --* A base64 encoded binary representation of the code signing certificate chain. * **hashAlgorithm** *(string) --* The hash algorithm used to code sign the file. You can use a string as the algorithm name if the target over-the-air (OTA) update devices are able to verify the signature that was generated using the same signature algorithm. For example, FreeRTOS uses "SHA256" or "SHA1", so you can pass either of them based on which was used for generating the signature. * **signatureAlgorithm** *(string) --* The signature algorithm used to code sign the file. You can use a string as the algorithm name if the target over-the-air (OTA) update devices are able to verify the signature that was generated using the same signature algorithm. For example, FreeRTOS uses "ECDSA" or "RSA", so you can pass either of them based on which was used for generating the signature. * **attributes** *(dict) --* A list of name-attribute pairs. They won't be sent to devices as a part of the Job document. * *(string) --* * *(string) --* * **otaUpdateStatus** *(string) --* The status of the OTA update. * **awsIotJobId** *(string) --* The IoT job ID associated with the OTA update. * **awsIotJobArn** *(string) --* The IoT job ARN associated with the OTA update. * **errorInfo** *(dict) --* Error information associated with the OTA update. * **code** *(string) --* The error code. * **message** *(string) --* The error message. * **additionalParameters** *(dict) --* A collection of name/value pairs * *(string) --* * *(string) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / describe_scheduled_audit describe_scheduled_audit ************************ IoT.Client.describe_scheduled_audit(**kwargs) Gets information about a scheduled audit. Requires permission to access the DescribeScheduledAudit action. See also: AWS API Documentation **Request Syntax** response = client.describe_scheduled_audit( scheduledAuditName='string' ) Parameters: **scheduledAuditName** (*string*) -- **[REQUIRED]** The name of the scheduled audit whose information you want to get. Return type: dict Returns: **Response Syntax** { 'frequency': 'DAILY'|'WEEKLY'|'BIWEEKLY'|'MONTHLY', 'dayOfMonth': 'string', 'dayOfWeek': 'SUN'|'MON'|'TUE'|'WED'|'THU'|'FRI'|'SAT', 'targetCheckNames': [ 'string', ], 'scheduledAuditName': 'string', 'scheduledAuditArn': 'string' } **Response Structure** * *(dict) --* * **frequency** *(string) --* How often the scheduled audit takes place, either one of "DAILY", "WEEKLY", "BIWEEKLY", or "MONTHLY". The start time of each audit is determined by the system. * **dayOfMonth** *(string) --* The day of the month on which the scheduled audit takes place. This is will be "1" through "31" or "LAST". If days "29"- "31" are specified, and the month does not have that many days, the audit takes place on the "LAST" day of the month. * **dayOfWeek** *(string) --* The day of the week on which the scheduled audit takes place, either one of "SUN", "MON", "TUE", "WED", "THU", "FRI", or "SAT". * **targetCheckNames** *(list) --* Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **scheduledAuditName** *(string) --* The name of the scheduled audit. * **scheduledAuditArn** *(string) --* The ARN of the scheduled audit. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / create_policy create_policy ************* IoT.Client.create_policy(**kwargs) Creates an IoT policy. The created policy is the default version for the policy. This operation creates a policy version with a version identifier of **1** and sets **1** as the policy's default version. Requires permission to access the CreatePolicy action. See also: AWS API Documentation **Request Syntax** response = client.create_policy( policyName='string', policyDocument='string', tags=[ { 'Key': 'string', 'Value': 'string' }, ] ) Parameters: * **policyName** (*string*) -- **[REQUIRED]** The policy name. * **policyDocument** (*string*) -- **[REQUIRED]** The JSON document that describes the policy. **policyDocument** must have a minimum length of 1, with a maximum length of 2048, excluding whitespace. * **tags** (*list*) -- Metadata which can be used to manage the policy. Note: For URI Request parameters use format: ...key1=value1&key2=value2...For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."For the cli-input-json file use format: "tags": "key1=value1&key2=value2..." * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* **[REQUIRED]** The tag's key. * **Value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'policyName': 'string', 'policyArn': 'string', 'policyDocument': 'string', 'policyVersionId': 'string' } **Response Structure** * *(dict) --* The output from the CreatePolicy operation. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **policyDocument** *(string) --* The JSON document that describes the policy. * **policyVersionId** *(string) --* The policy version ID. **Exceptions** * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.MalformedPolicyException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_managed_job_templates list_managed_job_templates ************************** IoT.Client.list_managed_job_templates(**kwargs) Returns a list of managed job templates. See also: AWS API Documentation **Request Syntax** response = client.list_managed_job_templates( templateName='string', maxResults=123, nextToken='string' ) Parameters: * **templateName** (*string*) -- An optional parameter for template name. If specified, only the versions of the managed job templates that have the specified template name will be returned. * **maxResults** (*integer*) -- Maximum number of entries that can be returned. * **nextToken** (*string*) -- The token to retrieve the next set of results. Return type: dict Returns: **Response Syntax** { 'managedJobTemplates': [ { 'templateArn': 'string', 'templateName': 'string', 'description': 'string', 'environments': [ 'string', ], 'templateVersion': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **managedJobTemplates** *(list) --* A list of managed job templates that are returned. * *(dict) --* An object that contains information about the managed template. * **templateArn** *(string) --* The Amazon Resource Name (ARN) for a managed template. * **templateName** *(string) --* The unique Name for a managed template. * **description** *(string) --* The description for a managed template. * **environments** *(list) --* A list of environments that are supported with the managed job template. * *(string) --* * **templateVersion** *(string) --* The version for a managed template. * **nextToken** *(string) --* The token to retrieve the next set of results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / update_dimension update_dimension **************** IoT.Client.update_dimension(**kwargs) Updates the definition for a dimension. You cannot change the type of a dimension after it is created (you can delete it and recreate it). Requires permission to access the UpdateDimension action. See also: AWS API Documentation **Request Syntax** response = client.update_dimension( name='string', stringValues=[ 'string', ] ) Parameters: * **name** (*string*) -- **[REQUIRED]** A unique identifier for the dimension. Choose something that describes the type and value to make it easy to remember what it does. * **stringValues** (*list*) -- **[REQUIRED]** Specifies the value or list of values for the dimension. For "TOPIC_FILTER" dimensions, this is a pattern used to match the MQTT topic (for example, "admin/#"). * *(string) --* Return type: dict Returns: **Response Syntax** { 'name': 'string', 'arn': 'string', 'type': 'TOPIC_FILTER', 'stringValues': [ 'string', ], 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **name** *(string) --* A unique identifier for the dimension. * **arn** *(string) --* The Amazon Resource Name (ARN)of the created dimension. * **type** *(string) --* The type of the dimension. * **stringValues** *(list) --* The value or list of values used to scope the dimension. For example, for topic filters, this is the pattern used to match the MQTT topic name. * *(string) --* * **creationDate** *(datetime) --* The date and time, in milliseconds since epoch, when the dimension was initially created. * **lastModifiedDate** *(datetime) --* The date and time, in milliseconds since epoch, when the dimension was most recently updated. **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / get_waiter get_waiter ********** IoT.Client.get_waiter(waiter_name) Returns an object that can wait for some condition. Parameters: **waiter_name** (*str*) -- The name of the waiter to get. See the waiters section of the service docs for a list of available waiters. Returns: The specified waiter object. Return type: "botocore.waiter.Waiter" IoT / Client / describe_stream describe_stream *************** IoT.Client.describe_stream(**kwargs) Gets information about a stream. Requires permission to access the DescribeStream action. See also: AWS API Documentation **Request Syntax** response = client.describe_stream( streamId='string' ) Parameters: **streamId** (*string*) -- **[REQUIRED]** The stream ID. Return type: dict Returns: **Response Syntax** { 'streamInfo': { 'streamId': 'string', 'streamArn': 'string', 'streamVersion': 123, 'description': 'string', 'files': [ { 'fileId': 123, 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, ], 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'roleArn': 'string' } } **Response Structure** * *(dict) --* * **streamInfo** *(dict) --* Information about the stream. * **streamId** *(string) --* The stream ID. * **streamArn** *(string) --* The stream ARN. * **streamVersion** *(integer) --* The stream version. * **description** *(string) --* The description of the stream. * **files** *(list) --* The files to stream. * *(dict) --* Represents a file to stream. * **fileId** *(integer) --* The file ID. * **s3Location** *(dict) --* The location of the file in S3. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **createdAt** *(datetime) --* The date when the stream was created. * **lastUpdatedAt** *(datetime) --* The date when the stream was last updated. * **roleArn** *(string) --* An IAM role IoT assumes to access your S3 files. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_certificate_providers list_certificate_providers ************************** IoT.Client.list_certificate_providers(**kwargs) Lists all your certificate providers in your Amazon Web Services account. Requires permission to access the ListCertificateProviders action. See also: AWS API Documentation **Request Syntax** response = client.list_certificate_providers( nextToken='string', ascendingOrder=True|False ) Parameters: * **nextToken** (*string*) -- The token for the next set of results, or "null" if there are no more results. * **ascendingOrder** (*boolean*) -- Returns the list of certificate providers in ascending alphabetical order. Return type: dict Returns: **Response Syntax** { 'certificateProviders': [ { 'certificateProviderName': 'string', 'certificateProviderArn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **certificateProviders** *(list) --* The list of certificate providers in your Amazon Web Services account. * *(dict) --* The certificate provider summary. * **certificateProviderName** *(string) --* The name of the certificate provider. * **certificateProviderArn** *(string) --* The ARN of the certificate provider. * **nextToken** *(string) --* The token for the next set of results, or "null" if there are no more results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_policy delete_policy ************* IoT.Client.delete_policy(**kwargs) Deletes the specified policy. A policy cannot be deleted if it has non-default versions or it is attached to any certificate. To delete a policy, use the DeletePolicyVersion action to delete all non-default versions of the policy; use the DetachPolicy action to detach the policy from any certificate; and then use the DeletePolicy action to delete the policy. When a policy is deleted using DeletePolicy, its default version is deleted with it. Note: Because of the distributed nature of Amazon Web Services, it can take up to five minutes after a policy is detached before it's ready to be deleted. Requires permission to access the DeletePolicy action. See also: AWS API Documentation **Request Syntax** response = client.delete_policy( policyName='string' ) Parameters: **policyName** (*string*) -- **[REQUIRED]** The name of the policy to delete. Returns: None **Exceptions** * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_command get_command *********** IoT.Client.get_command(**kwargs) Gets information about the specified command. See also: AWS API Documentation **Request Syntax** response = client.get_command( commandId='string' ) Parameters: **commandId** (*string*) -- **[REQUIRED]** The unique identifier of the command for which you want to retrieve information. Return type: dict Returns: **Response Syntax** { 'commandId': 'string', 'commandArn': 'string', 'namespace': 'AWS-IoT'|'AWS-IoT-FleetWise', 'displayName': 'string', 'description': 'string', 'mandatoryParameters': [ { 'name': 'string', 'value': { 'S': 'string', 'B': True|False, 'I': 123, 'L': 123, 'D': 123.0, 'BIN': b'bytes', 'UL': 'string' }, 'defaultValue': { 'S': 'string', 'B': True|False, 'I': 123, 'L': 123, 'D': 123.0, 'BIN': b'bytes', 'UL': 'string' }, 'description': 'string' }, ], 'payload': { 'content': b'bytes', 'contentType': 'string' }, 'roleArn': 'string', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'deprecated': True|False, 'pendingDeletion': True|False } **Response Structure** * *(dict) --* * **commandId** *(string) --* The unique identifier of the command. * **commandArn** *(string) --* The Amazon Resource Number (ARN) of the command. For example, "arn:aws:iot:::command/" * **namespace** *(string) --* The namespace of the command. * **displayName** *(string) --* The user-friendly name in the console for the command. * **description** *(string) --* A short text description of the command. * **mandatoryParameters** *(list) --* A list of parameters for the command created. * *(dict) --* A map of key-value pairs that describe the command. * **name** *(string) --* The name of a specific parameter used in a command and command execution. * **value** *(dict) --* The value used to describe the command. When you assign a value to a parameter, it will override any default value that you had already specified. * **S** *(string) --* An attribute of type String. For example: ""S": "Hello"" * **B** *(boolean) --* An attribute of type Boolean. For example: ""BOOL": true" * **I** *(integer) --* An attribute of type Integer (Thirty-Two Bits). * **L** *(integer) --* An attribute of type Long. * **D** *(float) --* An attribute of type Double (Sixty-Four Bits). * **BIN** *(bytes) --* An attribute of type Binary. For example: ""B": "dGhpcyB0ZXh0IGlzIGJhc2U2NC1lbmNvZGVk"" * **UL** *(string) --* An attribute of type unsigned long. * **defaultValue** *(dict) --* The default value used to describe the command. This is the value assumed by the parameter if no other value is assigned to it. * **S** *(string) --* An attribute of type String. For example: ""S": "Hello"" * **B** *(boolean) --* An attribute of type Boolean. For example: ""BOOL": true" * **I** *(integer) --* An attribute of type Integer (Thirty-Two Bits). * **L** *(integer) --* An attribute of type Long. * **D** *(float) --* An attribute of type Double (Sixty-Four Bits). * **BIN** *(bytes) --* An attribute of type Binary. For example: ""B": "dGhpcyB0ZXh0IGlzIGJhc2U2NC1lbmNvZGVk"" * **UL** *(string) --* An attribute of type unsigned long. * **description** *(string) --* The description of the command parameter. * **payload** *(dict) --* The payload object that you provided for the command. * **content** *(bytes) --* The static payload file for the command. * **contentType** *(string) --* The content type that specifies the format type of the payload file. This field must use a type/subtype format, such as "application/json". For information about various content types, see Common MIME types. * **roleArn** *(string) --* The IAM role that you provided when creating the command with "AWS-IoT-FleetWise" as the namespace. * **createdAt** *(datetime) --* The timestamp, when the command was created. * **lastUpdatedAt** *(datetime) --* The timestamp, when the command was last updated. * **deprecated** *(boolean) --* Indicates whether the command has been deprecated. * **pendingDeletion** *(boolean) --* Indicates whether the command is being deleted. **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / delete_security_profile delete_security_profile *********************** IoT.Client.delete_security_profile(**kwargs) Deletes a Device Defender security profile. Requires permission to access the DeleteSecurityProfile action. See also: AWS API Documentation **Request Syntax** response = client.delete_security_profile( securityProfileName='string', expectedVersion=123 ) Parameters: * **securityProfileName** (*string*) -- **[REQUIRED]** The name of the security profile to be deleted. * **expectedVersion** (*integer*) -- The expected version of the security profile. A new version is generated whenever the security profile is updated. If you specify a value that is different from the actual version, a "VersionConflictException" is thrown. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.VersionConflictException" IoT / Client / describe_managed_job_template describe_managed_job_template ***************************** IoT.Client.describe_managed_job_template(**kwargs) View details of a managed job template. See also: AWS API Documentation **Request Syntax** response = client.describe_managed_job_template( templateName='string', templateVersion='string' ) Parameters: * **templateName** (*string*) -- **[REQUIRED]** The unique name of a managed job template, which is required. * **templateVersion** (*string*) -- An optional parameter to specify version of a managed template. If not specified, the pre-defined default version is returned. Return type: dict Returns: **Response Syntax** { 'templateName': 'string', 'templateArn': 'string', 'description': 'string', 'templateVersion': 'string', 'environments': [ 'string', ], 'documentParameters': [ { 'key': 'string', 'description': 'string', 'regex': 'string', 'example': 'string', 'optional': True|False }, ], 'document': 'string' } **Response Structure** * *(dict) --* * **templateName** *(string) --* The unique name of a managed template, such as "AWS-Reboot". * **templateArn** *(string) --* The unique Amazon Resource Name (ARN) of the managed template. * **description** *(string) --* The unique description of a managed template. * **templateVersion** *(string) --* The version for a managed template. * **environments** *(list) --* A list of environments that are supported with the managed job template. * *(string) --* * **documentParameters** *(list) --* A map of key-value pairs that you can use as guidance to specify the inputs for creating a job from a managed template. Note: "documentParameters" can only be used when creating jobs from Amazon Web Services managed templates. This parameter can't be used with custom job templates or to create jobs from them. * *(dict) --* A map of key-value pairs containing the patterns that need to be replaced in a managed template job document schema. You can use the description of each key as a guidance to specify the inputs during runtime when creating a job. Note: "documentParameters" can only be used when creating jobs from Amazon Web Services managed templates. This parameter can't be used with custom job templates or to create jobs from them. * **key** *(string) --* Key of the map field containing the patterns that need to be replaced in a managed template job document schema. * **description** *(string) --* Description of the map field containing the patterns that need to be replaced in a managed template job document schema. * **regex** *(string) --* A regular expression of the patterns that need to be replaced in a managed template job document schema. * **example** *(string) --* An example illustrating a pattern that need to be replaced in a managed template job document schema. * **optional** *(boolean) --* Specifies whether a pattern that needs to be replaced in a managed template job document schema is optional or required. * **document** *(string) --* The document schema for a managed job template. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / list_job_executions_for_job list_job_executions_for_job *************************** IoT.Client.list_job_executions_for_job(**kwargs) Lists the job executions for a job. Requires permission to access the ListJobExecutionsForJob action. See also: AWS API Documentation **Request Syntax** response = client.list_job_executions_for_job( jobId='string', status='QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', maxResults=123, nextToken='string' ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **status** (*string*) -- The status of the job. * **maxResults** (*integer*) -- The maximum number of results to be returned per request. * **nextToken** (*string*) -- The token to retrieve the next set of results. Return type: dict Returns: **Response Syntax** { 'executionSummaries': [ { 'thingArn': 'string', 'jobExecutionSummary': { 'status': 'QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', 'queuedAt': datetime(2015, 1, 1), 'startedAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'executionNumber': 123, 'retryAttempt': 123 } }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **executionSummaries** *(list) --* A list of job execution summaries. * *(dict) --* Contains a summary of information about job executions for a specific job. * **thingArn** *(string) --* The ARN of the thing on which the job execution is running. * **jobExecutionSummary** *(dict) --* Contains a subset of information about a job execution. * **status** *(string) --* The status of the job execution. * **queuedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was queued. * **startedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution started. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was last updated. * **executionNumber** *(integer) --* A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information. * **retryAttempt** *(integer) --* The number that indicates how many retry attempts have been completed for this job on this device. * **nextToken** *(string) --* The token for the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / list_principal_policies list_principal_policies *********************** IoT.Client.list_principal_policies(**kwargs) Lists the policies attached to the specified principal. If you use an Cognito identity, the ID must be in AmazonCognito Identity format. **Note:** This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use ListAttachedPolicies instead. Requires permission to access the ListPrincipalPolicies action. Danger: This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity. See also: AWS API Documentation **Request Syntax** response = client.list_principal_policies( principal='string', marker='string', pageSize=123, ascendingOrder=True|False ) Parameters: * **principal** (*string*) -- **[REQUIRED]** The principal. Valid principals are CertificateArn (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and CognitoId (*region*:*id*). * **marker** (*string*) -- The marker for the next set of results. * **pageSize** (*integer*) -- The result page size. * **ascendingOrder** (*boolean*) -- Specifies the order for results. If true, results are returned in ascending creation order. Return type: dict Returns: **Response Syntax** { 'policies': [ { 'policyName': 'string', 'policyArn': 'string' }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* The output from the ListPrincipalPolicies operation. * **policies** *(list) --* The policies. * *(dict) --* Describes an IoT policy. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **nextMarker** *(string) --* The marker for the next set of results, or null if there are no additional results. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_job describe_job ************ IoT.Client.describe_job(**kwargs) Describes a job. Requires permission to access the DescribeJob action. See also: AWS API Documentation **Request Syntax** response = client.describe_job( jobId='string', beforeSubstitution=True|False ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **beforeSubstitution** (*boolean*) -- Provides a view of the job document before and after the substitution parameters have been resolved with their exact values. Return type: dict Returns: **Response Syntax** { 'documentSource': 'string', 'job': { 'jobArn': 'string', 'jobId': 'string', 'targetSelection': 'CONTINUOUS'|'SNAPSHOT', 'status': 'IN_PROGRESS'|'CANCELED'|'COMPLETED'|'DELETION_IN_PROGRESS'|'SCHEDULED', 'forceCanceled': True|False, 'reasonCode': 'string', 'comment': 'string', 'targets': [ 'string', ], 'description': 'string', 'presignedUrlConfig': { 'roleArn': 'string', 'expiresInSec': 123 }, 'jobExecutionsRolloutConfig': { 'maximumPerMinute': 123, 'exponentialRate': { 'baseRatePerMinute': 123, 'incrementFactor': 123.0, 'rateIncreaseCriteria': { 'numberOfNotifiedThings': 123, 'numberOfSucceededThings': 123 } } }, 'abortConfig': { 'criteriaList': [ { 'failureType': 'FAILED'|'REJECTED'|'TIMED_OUT'|'ALL', 'action': 'CANCEL', 'thresholdPercentage': 123.0, 'minNumberOfExecutedThings': 123 }, ] }, 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'completedAt': datetime(2015, 1, 1), 'jobProcessDetails': { 'processingTargets': [ 'string', ], 'numberOfCanceledThings': 123, 'numberOfSucceededThings': 123, 'numberOfFailedThings': 123, 'numberOfRejectedThings': 123, 'numberOfQueuedThings': 123, 'numberOfInProgressThings': 123, 'numberOfRemovedThings': 123, 'numberOfTimedOutThings': 123 }, 'timeoutConfig': { 'inProgressTimeoutInMinutes': 123 }, 'namespaceId': 'string', 'jobTemplateArn': 'string', 'jobExecutionsRetryConfig': { 'criteriaList': [ { 'failureType': 'FAILED'|'TIMED_OUT'|'ALL', 'numberOfRetries': 123 }, ] }, 'documentParameters': { 'string': 'string' }, 'isConcurrent': True|False, 'schedulingConfig': { 'startTime': 'string', 'endTime': 'string', 'endBehavior': 'STOP_ROLLOUT'|'CANCEL'|'FORCE_CANCEL', 'maintenanceWindows': [ { 'startTime': 'string', 'durationInMinutes': 123 }, ] }, 'scheduledJobRollouts': [ { 'startTime': 'string' }, ], 'destinationPackageVersions': [ 'string', ] } } **Response Structure** * *(dict) --* * **documentSource** *(string) --* An S3 link to the job document. * **job** *(dict) --* Information about the job. * **jobArn** *(string) --* An ARN identifying the job with format "arn:aws:iot:region:account:job/jobId". * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **targetSelection** *(string) --* Specifies whether the job will continue to run (CONTINUOUS), or will be complete after all those things specified as targets have completed the job (SNAPSHOT). If continuous, the job may also be run on a thing when a change is detected in a target. For example, a job will run on a device when the thing representing the device is added to a target group, even after the job was completed by all things originally in the group. Note: We recommend that you use continuous jobs instead of snapshot jobs for dynamic thing group targets. By using continuous jobs, devices that join the group receive the job execution even after the job has been created. * **status** *(string) --* The status of the job, one of "IN_PROGRESS", "CANCELED", "DELETION_IN_PROGRESS" or "COMPLETED". * **forceCanceled** *(boolean) --* Will be "true" if the job was canceled with the optional "force" parameter set to "true". * **reasonCode** *(string) --* If the job was updated, provides the reason code for the update. * **comment** *(string) --* If the job was updated, describes the reason for the update. * **targets** *(list) --* A list of IoT things and thing groups to which the job should be sent. * *(string) --* * **description** *(string) --* A short text description of the job. * **presignedUrlConfig** *(dict) --* Configuration for pre-signed S3 URLs. * **roleArn** *(string) --* The ARN of an IAM role that grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files. Warning: For information about addressing the confused deputy problem, see cross-service confused deputy prevention in the *Amazon Web Services IoT Core developer guide*. * **expiresInSec** *(integer) --* How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document. * **jobExecutionsRolloutConfig** *(dict) --* Allows you to create a staged rollout of a job. * **maximumPerMinute** *(integer) --* The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout. * **exponentialRate** *(dict) --* The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout. * **baseRatePerMinute** *(integer) --* The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout. * **incrementFactor** *(float) --* The exponential factor to increase the rate of rollout for a job. Amazon Web Services IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55). * **rateIncreaseCriteria** *(dict) --* The criteria to initiate the increase in rate of rollout for a job. * **numberOfNotifiedThings** *(integer) --* The threshold for number of notified things that will initiate the increase in rate of rollout. * **numberOfSucceededThings** *(integer) --* The threshold for number of succeeded things that will initiate the increase in rate of rollout. * **abortConfig** *(dict) --* Configuration for criteria to abort the job. * **criteriaList** *(list) --* The list of criteria that determine when and how to abort the job. * *(dict) --* The criteria that determine when and how a job abort takes place. * **failureType** *(string) --* The type of job execution failures that can initiate a job abort. * **action** *(string) --* The type of job action to take to initiate the job abort. * **thresholdPercentage** *(float) --* The minimum percentage of job execution failures that must occur to initiate the job abort. Amazon Web Services IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999). * **minNumberOfExecutedThings** *(integer) --* The minimum number of things which must receive job execution notifications before the job can be aborted. * **createdAt** *(datetime) --* The time, in seconds since the epoch, when the job was created. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job was last updated. * **completedAt** *(datetime) --* The time, in seconds since the epoch, when the job was completed. * **jobProcessDetails** *(dict) --* Details about the job process. * **processingTargets** *(list) --* The target devices to which the job execution is being rolled out. This value will be null after the job execution has finished rolling out to all the target devices. * *(string) --* * **numberOfCanceledThings** *(integer) --* The number of things that cancelled the job. * **numberOfSucceededThings** *(integer) --* The number of things which successfully completed the job. * **numberOfFailedThings** *(integer) --* The number of things that failed executing the job. * **numberOfRejectedThings** *(integer) --* The number of things that rejected the job. * **numberOfQueuedThings** *(integer) --* The number of things that are awaiting execution of the job. * **numberOfInProgressThings** *(integer) --* The number of things currently executing the job. * **numberOfRemovedThings** *(integer) --* The number of things that are no longer scheduled to execute the job because they have been deleted or have been removed from the group that was a target of the job. * **numberOfTimedOutThings** *(integer) --* The number of things whose job execution status is "TIMED_OUT". * **timeoutConfig** *(dict) --* Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to "IN_PROGRESS". If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to "TIMED_OUT". * **inProgressTimeoutInMinutes** *(integer) --* Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal "TIMED_OUT" status. * **namespaceId** *(string) --* The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. * **jobTemplateArn** *(string) --* The ARN of the job template used to create the job. * **jobExecutionsRetryConfig** *(dict) --* The configuration for the criteria to retry the job. * **criteriaList** *(list) --* The list of criteria that determines how many retries are allowed for each failure type for a job. * *(dict) --* The criteria that determines how many retries are allowed for each failure type for a job. * **failureType** *(string) --* The type of job execution failures that can initiate a job retry. * **numberOfRetries** *(integer) --* The number of retries allowed for a failure type for the job. * **documentParameters** *(dict) --* A key-value map that pairs the patterns that need to be replaced in a managed template job document schema. You can use the description of each key as a guidance to specify the inputs during runtime when creating a job. Note: "documentParameters" can only be used when creating jobs from Amazon Web Services managed templates. This parameter can't be used with custom job templates or to create jobs from them. * *(string) --* * *(string) --* * **isConcurrent** *(boolean) --* Indicates whether a job is concurrent. Will be true when a job is rolling out new job executions or canceling previously created executions, otherwise false. * **schedulingConfig** *(dict) --* The configuration that allows you to schedule a job for a future date and time in addition to specifying the end behavior for each job execution. * **startTime** *(string) --* The time a job will begin rollout of the job document to all devices in the target group for a job. The "startTime" can be scheduled up to a year in advance and must be scheduled a minimum of thirty minutes from the current time. The date and time format for the "startTime" is YYYY-MM-DD for the date and HH:MM for the time. For more information on the syntax for "startTime" when using an API command or the Command Line Interface, see Timestamp. * **endTime** *(string) --* The time a job will stop rollout of the job document to all devices in the target group for a job. The "endTime" must take place no later than two years from the current time and be scheduled a minimum of thirty minutes from the current time. The minimum duration between "startTime" and "endTime" is thirty minutes. The maximum duration between "startTime" and "endTime" is two years. The date and time format for the "endTime" is YYYY-MM-DD for the date and HH:MM for the time. For more information on the syntax for "endTime" when using an API command or the Command Line Interface, see Timestamp. * **endBehavior** *(string) --* Specifies the end behavior for all job executions after a job reaches the selected "endTime". If "endTime" is not selected when creating the job, then "endBehavior" does not apply. * **maintenanceWindows** *(list) --* An optional configuration within the "SchedulingConfig" to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job. * *(dict) --* An optional configuration within the "SchedulingConfig" to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job. * **startTime** *(string) --* Displays the start time of the next maintenance window. * **durationInMinutes** *(integer) --* Displays the duration of the next maintenance window. * **scheduledJobRollouts** *(list) --* Displays the next seven maintenance window occurrences and their start times. * *(dict) --* Displays the next seven maintenance window occurrences and their start times. * **startTime** *(string) --* Displays the start times of the next seven maintenance window occurrences. * **destinationPackageVersions** *(list) --* The package version Amazon Resource Names (ARNs) that are installed on the device when the job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle. >>**<>**<>**<>**<::command/" **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.ServiceQuotaExceededException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / delete_topic_rule delete_topic_rule ***************** IoT.Client.delete_topic_rule(**kwargs) Deletes the rule. Requires permission to access the DeleteTopicRule action. See also: AWS API Documentation **Request Syntax** response = client.delete_topic_rule( ruleName='string' ) Parameters: **ruleName** (*string*) -- **[REQUIRED]** The name of the rule. Returns: None **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" IoT / Client / describe_authorizer describe_authorizer ******************* IoT.Client.describe_authorizer(**kwargs) Describes an authorizer. Requires permission to access the DescribeAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.describe_authorizer( authorizerName='string' ) Parameters: **authorizerName** (*string*) -- **[REQUIRED]** The name of the authorizer to describe. Return type: dict Returns: **Response Syntax** { 'authorizerDescription': { 'authorizerName': 'string', 'authorizerArn': 'string', 'authorizerFunctionArn': 'string', 'tokenKeyName': 'string', 'tokenSigningPublicKeys': { 'string': 'string' }, 'status': 'ACTIVE'|'INACTIVE', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'signingDisabled': True|False, 'enableCachingForHttp': True|False } } **Response Structure** * *(dict) --* * **authorizerDescription** *(dict) --* The authorizer description. * **authorizerName** *(string) --* The authorizer name. * **authorizerArn** *(string) --* The authorizer ARN. * **authorizerFunctionArn** *(string) --* The authorizer's Lambda function ARN. * **tokenKeyName** *(string) --* The key used to extract the token from the HTTP headers. * **tokenSigningPublicKeys** *(dict) --* The public keys used to validate the token signature returned by your custom authentication service. * *(string) --* * *(string) --* * **status** *(string) --* The status of the authorizer. * **creationDate** *(datetime) --* The UNIX timestamp of when the authorizer was created. * **lastModifiedDate** *(datetime) --* The UNIX timestamp of when the authorizer was last updated. * **signingDisabled** *(boolean) --* Specifies whether IoT validates the token signature in an authorization request. * **enableCachingForHttp** *(boolean) --* When "true", the result from the authorizer’s Lambda function is cached for the time specified in "refreshAfterInSeconds". The cached result is used while the device reuses the same HTTP connection. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_role_alias describe_role_alias ******************* IoT.Client.describe_role_alias(**kwargs) Describes a role alias. Requires permission to access the DescribeRoleAlias action. See also: AWS API Documentation **Request Syntax** response = client.describe_role_alias( roleAlias='string' ) Parameters: **roleAlias** (*string*) -- **[REQUIRED]** The role alias to describe. Return type: dict Returns: **Response Syntax** { 'roleAliasDescription': { 'roleAlias': 'string', 'roleAliasArn': 'string', 'roleArn': 'string', 'owner': 'string', 'credentialDurationSeconds': 123, 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) } } **Response Structure** * *(dict) --* * **roleAliasDescription** *(dict) --* The role alias description. * **roleAlias** *(string) --* The role alias. * **roleAliasArn** *(string) --* The ARN of the role alias. * **roleArn** *(string) --* The role ARN. * **owner** *(string) --* The role alias owner. * **credentialDurationSeconds** *(integer) --* The number of seconds for which the credential is valid. * **creationDate** *(datetime) --* The UNIX timestamp of when the role alias was created. * **lastModifiedDate** *(datetime) --* The UNIX timestamp of when the role alias was last modified. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / update_encryption_configuration update_encryption_configuration ******************************* IoT.Client.update_encryption_configuration(**kwargs) Updates the encryption configuration. By default, all Amazon Web Services IoT Core data at rest is encrypted using Amazon Web Services owned keys. Amazon Web Services IoT Core also supports symmetric customer managed keys from Amazon Web Services Key Management Service (KMS). With customer managed keys, you create, own, and manage the KMS keys in your Amazon Web Services account. For more information, see Data encryption in the *Amazon Web Services IoT Core Developer Guide*. See also: AWS API Documentation **Request Syntax** response = client.update_encryption_configuration( encryptionType='CUSTOMER_MANAGED_KMS_KEY'|'AWS_OWNED_KMS_KEY', kmsKeyArn='string', kmsAccessRoleArn='string' ) Parameters: * **encryptionType** (*string*) -- **[REQUIRED]** The type of the Amazon Web Services Key Management Service (KMS) key. * **kmsKeyArn** (*string*) -- The ARN of the customer-managed KMS key. * **kmsAccessRoleArn** (*string*) -- The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on behalf of the customer. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_domain_configurations list_domain_configurations ************************** IoT.Client.list_domain_configurations(**kwargs) Gets a list of domain configurations for the user. This list is sorted alphabetically by domain configuration name. Requires permission to access the ListDomainConfigurations action. See also: AWS API Documentation **Request Syntax** response = client.list_domain_configurations( marker='string', pageSize=123, serviceType='DATA'|'CREDENTIAL_PROVIDER'|'JOBS' ) Parameters: * **marker** (*string*) -- The marker for the next set of results. * **pageSize** (*integer*) -- The result page size. * **serviceType** (*string*) -- The type of service delivered by the endpoint. Return type: dict Returns: **Response Syntax** { 'domainConfigurations': [ { 'domainConfigurationName': 'string', 'domainConfigurationArn': 'string', 'serviceType': 'DATA'|'CREDENTIAL_PROVIDER'|'JOBS' }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* * **domainConfigurations** *(list) --* A list of objects that contain summary information about the user's domain configurations. * *(dict) --* The summary of a domain configuration. A domain configuration specifies custom IoT-specific information about a domain. A domain configuration can be associated with an Amazon Web Services-managed domain (for example, dbc123defghijk.iot.us-west-2.amazonaws.com), a customer managed domain, or a default endpoint. * Data * Jobs * CredentialProvider * **domainConfigurationName** *(string) --* The name of the domain configuration. This value must be unique to a region. * **domainConfigurationArn** *(string) --* The ARN of the domain configuration. * **serviceType** *(string) --* The type of service delivered by the endpoint. * **nextMarker** *(string) --* The marker for the next set of results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_thing_types list_thing_types **************** IoT.Client.list_thing_types(**kwargs) Lists the existing thing types. Requires permission to access the ListThingTypes action. See also: AWS API Documentation **Request Syntax** response = client.list_thing_types( nextToken='string', maxResults=123, thingTypeName='string' ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return in this operation. * **thingTypeName** (*string*) -- The name of the thing type. Return type: dict Returns: **Response Syntax** { 'thingTypes': [ { 'thingTypeName': 'string', 'thingTypeArn': 'string', 'thingTypeProperties': { 'thingTypeDescription': 'string', 'searchableAttributes': [ 'string', ], 'mqtt5Configuration': { 'propagatingAttributes': [ { 'userPropertyKey': 'string', 'thingAttribute': 'string', 'connectionAttribute': 'string' }, ] } }, 'thingTypeMetadata': { 'deprecated': True|False, 'deprecationDate': datetime(2015, 1, 1), 'creationDate': datetime(2015, 1, 1) } }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* The output for the ListThingTypes operation. * **thingTypes** *(list) --* The thing types. * *(dict) --* The definition of the thing type, including thing type name and description. * **thingTypeName** *(string) --* The name of the thing type. * **thingTypeArn** *(string) --* The thing type ARN. * **thingTypeProperties** *(dict) --* The ThingTypeProperties for the thing type. * **thingTypeDescription** *(string) --* The description of the thing type. * **searchableAttributes** *(list) --* A list of searchable thing attribute names. * *(string) --* * **mqtt5Configuration** *(dict) --* The configuration to add user-defined properties to enrich MQTT 5 messages. * **propagatingAttributes** *(list) --* An object that represents the propagating thing attributes and the connection attributes. * *(dict) --* An object that represents the connection attribute, thing attribute, and the user property key. * **userPropertyKey** *(string) --* The key of the user property key-value pair. * **thingAttribute** *(string) --* The user-defined thing attribute that is propagating for MQTT 5 message enrichment. * **connectionAttribute** *(string) --* The attribute associated with the connection between a device and Amazon Web Services IoT Core. * **thingTypeMetadata** *(dict) --* The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated. * **deprecated** *(boolean) --* Whether the thing type is deprecated. If **true**, no new things could be associated with this type. * **deprecationDate** *(datetime) --* The date and time when the thing type was deprecated. * **creationDate** *(datetime) --* The date and time when the thing type was created. * **nextToken** *(string) --* The token for the next set of results. Will not be returned if operation has returned all results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_package_configuration get_package_configuration ************************* IoT.Client.get_package_configuration() Gets information about the specified software package's configuration. Requires permission to access the GetPackageConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.get_package_configuration() Return type: dict Returns: **Response Syntax** { 'versionUpdateByJobsConfig': { 'enabled': True|False, 'roleArn': 'string' } } **Response Structure** * *(dict) --* * **versionUpdateByJobsConfig** *(dict) --* The version that is associated to a specific job. * **enabled** *(boolean) --* Indicates whether the Job is enabled or not. * **roleArn** *(string) --* The Amazon Resource Name (ARN) of the role that grants permission to the IoT jobs service to update the reserved named shadow when the job successfully completes. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / list_provisioning_template_versions list_provisioning_template_versions *********************************** IoT.Client.list_provisioning_template_versions(**kwargs) A list of provisioning template versions. Requires permission to access the ListProvisioningTemplateVersions action. See also: AWS API Documentation **Request Syntax** response = client.list_provisioning_template_versions( templateName='string', maxResults=123, nextToken='string' ) Parameters: * **templateName** (*string*) -- **[REQUIRED]** The name of the provisioning template. * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **nextToken** (*string*) -- A token to retrieve the next set of results. Return type: dict Returns: **Response Syntax** { 'versions': [ { 'versionId': 123, 'creationDate': datetime(2015, 1, 1), 'isDefaultVersion': True|False }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **versions** *(list) --* The list of provisioning template versions. * *(dict) --* A summary of information about a fleet provision template version. * **versionId** *(integer) --* The ID of the fleet provisioning template version. * **creationDate** *(datetime) --* The date when the provisioning template version was created * **isDefaultVersion** *(boolean) --* True if the provisioning template version is the default version, otherwise false. * **nextToken** *(string) --* A token to retrieve the next set of results. **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / create_package_version create_package_version ********************** IoT.Client.create_package_version(**kwargs) Creates a new version for an existing IoT software package. Requires permission to access the CreatePackageVersion and GetIndexingConfiguration actions. See also: AWS API Documentation **Request Syntax** response = client.create_package_version( packageName='string', versionName='string', description='string', attributes={ 'string': 'string' }, artifact={ 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, recipe='string', tags={ 'string': 'string' }, clientToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the associated software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the new package version. * **description** (*string*) -- A summary of the package version being created. This can be used to outline the package's contents or purpose. * **attributes** (*dict*) -- Metadata that can be used to define a package version’s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet. The combined size of all the attributes on a package version is limited to 3KB. * *(string) --* * *(string) --* * **artifact** (*dict*) -- The various build components created during the build process such as libraries and configuration files that make up a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **recipe** (*string*) -- The inline job document associated with a software package version used for a quick job deployment. * **tags** (*dict*) -- Metadata that can be used to manage the package version. * *(string) --* * *(string) --* * **clientToken** (*string*) -- A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required. This field is autopopulated if not provided. Return type: dict Returns: **Response Syntax** { 'packageVersionArn': 'string', 'packageName': 'string', 'versionName': 'string', 'description': 'string', 'attributes': { 'string': 'string' }, 'status': 'DRAFT'|'PUBLISHED'|'DEPRECATED', 'errorReason': 'string' } **Response Structure** * *(dict) --* * **packageVersionArn** *(string) --* The Amazon Resource Name (ARN) for the package. * **packageName** *(string) --* The name of the associated software package. * **versionName** *(string) --* The name of the new package version. * **description** *(string) --* The package version description. * **attributes** *(dict) --* Metadata that were added to the package version that can be used to define a package version’s configuration. * *(string) --* * *(string) --* * **status** *(string) --* The status of the package version. For more information, see Package version lifecycle. * **errorReason** *(string) --* Error reason for a package version failure during creation or update. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ServiceQuotaExceededException" IoT / Client / add_thing_to_billing_group add_thing_to_billing_group ************************** IoT.Client.add_thing_to_billing_group(**kwargs) Adds a thing to a billing group. Requires permission to access the AddThingToBillingGroup action. See also: AWS API Documentation **Request Syntax** response = client.add_thing_to_billing_group( billingGroupName='string', billingGroupArn='string', thingName='string', thingArn='string' ) Parameters: * **billingGroupName** (*string*) -- The name of the billing group. Note: This call is asynchronous. It might take several seconds for the detachment to propagate. * **billingGroupArn** (*string*) -- The ARN of the billing group. * **thingName** (*string*) -- The name of the thing to be added to the billing group. * **thingArn** (*string*) -- The ARN of the thing to be added to the billing group. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / accept_certificate_transfer accept_certificate_transfer *************************** IoT.Client.accept_certificate_transfer(**kwargs) Accepts a pending certificate transfer. The default state of the certificate is INACTIVE. To check for pending certificate transfers, call ListCertificates to enumerate your certificates. Requires permission to access the AcceptCertificateTransfer action. See also: AWS API Documentation **Request Syntax** response = client.accept_certificate_transfer( certificateId='string', setAsActive=True|False ) Parameters: * **certificateId** (*string*) -- **[REQUIRED]** The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **setAsActive** (*boolean*) -- Specifies whether the certificate is active. Returns: None **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.TransferAlreadyCompletedException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / search_index search_index ************ IoT.Client.search_index(**kwargs) The query search index. Requires permission to access the SearchIndex action. See also: AWS API Documentation **Request Syntax** response = client.search_index( indexName='string', queryString='string', nextToken='string', maxResults=123, queryVersion='string' ) Parameters: * **indexName** (*string*) -- The search index name. * **queryString** (*string*) -- **[REQUIRED]** The search query string. For more information about the search query syntax, see Query syntax. * **nextToken** (*string*) -- The token used to get the next set of results, or "null" if there are no additional results. * **maxResults** (*integer*) -- The maximum number of results to return per page at one time. This maximum number cannot exceed 100. The response might contain fewer results but will never contain more. You can use nextToken to retrieve the next set of results until "nextToken" returns "NULL". * **queryVersion** (*string*) -- The query version. Return type: dict Returns: **Response Syntax** { 'nextToken': 'string', 'things': [ { 'thingName': 'string', 'thingId': 'string', 'thingTypeName': 'string', 'thingGroupNames': [ 'string', ], 'attributes': { 'string': 'string' }, 'shadow': 'string', 'deviceDefender': 'string', 'connectivity': { 'connected': True|False, 'timestamp': 123, 'disconnectReason': 'string' } }, ], 'thingGroups': [ { 'thingGroupName': 'string', 'thingGroupId': 'string', 'thingGroupDescription': 'string', 'attributes': { 'string': 'string' }, 'parentGroupNames': [ 'string', ] }, ] } **Response Structure** * *(dict) --* * **nextToken** *(string) --* The token used to get the next set of results, or "null" if there are no additional results. * **things** *(list) --* The things that match the search query. * *(dict) --* The thing search index document. * **thingName** *(string) --* The thing name. * **thingId** *(string) --* The thing ID. * **thingTypeName** *(string) --* The thing type name. * **thingGroupNames** *(list) --* Thing group and billing group names. * *(string) --* * **attributes** *(dict) --* The attributes. * *(string) --* * *(string) --* * **shadow** *(string) --* The unnamed shadow and named shadow. For more information about shadows, see IoT Device Shadow service. * **deviceDefender** *(string) --* Contains Device Defender data. For more information about Device Defender, see Device Defender. * **connectivity** *(dict) --* Indicates whether the thing is connected to the Amazon Web Services IoT Core service. * **connected** *(boolean) --* True if the thing is connected to the Amazon Web Services IoT Core service; false if it is not connected. * **timestamp** *(integer) --* The epoch time (in milliseconds) when the thing last connected or disconnected. If the thing has been disconnected for approximately an hour, the time value might be missing. * **disconnectReason** *(string) --* The reason why the client is disconnected. If the thing has been disconnected for approximately an hour, the "disconnectReason" value might be missing. * **thingGroups** *(list) --* The thing groups that match the search query. * *(dict) --* The thing group search index document. * **thingGroupName** *(string) --* The thing group name. * **thingGroupId** *(string) --* The thing group ID. * **thingGroupDescription** *(string) --* The thing group description. * **attributes** *(dict) --* The thing group attributes. * *(string) --* * *(string) --* * **parentGroupNames** *(list) --* Parent group names. * *(string) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidQueryException" * "IoT.Client.exceptions.IndexNotReadyException" IoT / Client / update_thing update_thing ************ IoT.Client.update_thing(**kwargs) Updates the data for a thing. Requires permission to access the UpdateThing action. See also: AWS API Documentation **Request Syntax** response = client.update_thing( thingName='string', thingTypeName='string', attributePayload={ 'attributes': { 'string': 'string' }, 'merge': True|False }, expectedVersion=123, removeThingType=True|False ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing to update. You can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing. * **thingTypeName** (*string*) -- The name of the thing type. * **attributePayload** (*dict*) -- A list of thing attributes, a JSON string containing name- value pairs. For example: "{\"attributes\":{\"name1\":\"value2\"}}" This data is used to add new attributes or update existing attributes. * **attributes** *(dict) --* A JSON string containing up to three key-value pair in JSON format. For example: "{\"attributes\":{\"string1\":\"string2\"}}" * *(string) --* * *(string) --* * **merge** *(boolean) --* Specifies whether the list of attributes provided in the "AttributePayload" is merged with the attributes stored in the registry, instead of overwriting them. To remove an attribute, call "UpdateThing" with an empty attribute value. Note: The "merge" attribute is only valid when calling "UpdateThing" or "UpdateThingGroup". * **expectedVersion** (*integer*) -- The expected version of the thing record in the registry. If the version of the record in the registry does not match the expected version specified in the request, the "UpdateThing" request is rejected with a "VersionConflictException". * **removeThingType** (*boolean*) -- Remove a thing type association. If **true**, the association is removed. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* The output from the UpdateThing operation. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / delete_v2_logging_level delete_v2_logging_level *********************** IoT.Client.delete_v2_logging_level(**kwargs) Deletes a logging level. Requires permission to access the DeleteV2LoggingLevel action. See also: AWS API Documentation **Request Syntax** response = client.delete_v2_logging_level( targetType='DEFAULT'|'THING_GROUP'|'CLIENT_ID'|'SOURCE_IP'|'PRINCIPAL_ID', targetName='string' ) Parameters: * **targetType** (*string*) -- **[REQUIRED]** The type of resource for which you are configuring logging. Must be "THING_Group". * **targetName** (*string*) -- **[REQUIRED]** The name of the resource for which you are configuring logging. Returns: None **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / delete_command delete_command ************** IoT.Client.delete_command(**kwargs) Delete a command resource. See also: AWS API Documentation **Request Syntax** response = client.delete_command( commandId='string' ) Parameters: **commandId** (*string*) -- **[REQUIRED]** The unique identifier of the command to be deleted. Return type: dict Returns: **Response Syntax** { 'statusCode': 123 } **Response Structure** * *(dict) --* * **statusCode** *(integer) --* The status code for the command deletion request. The status code is in the 200 range for a successful request. * If the command hasn't been deprecated, or has been deprecated for a duration that is shorter than the maximum time out duration of 12 hours, when calling the "DeleteCommand" request, the deletion will be scheduled and a 202 status code will be returned. While the command is being deleted, it will be in a "pendingDeletion" state. Once the time out duration has been reached, the command will be permanently removed from your account. * If the command has been deprecated for a duration that is longer than the maximum time out duration of 12 hours, when calling the "DeleteCommand" request, the command will be deleted immediately and a 204 status code will be returned. **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / update_thing_type update_thing_type ***************** IoT.Client.update_thing_type(**kwargs) Updates a thing type. See also: AWS API Documentation **Request Syntax** response = client.update_thing_type( thingTypeName='string', thingTypeProperties={ 'thingTypeDescription': 'string', 'searchableAttributes': [ 'string', ], 'mqtt5Configuration': { 'propagatingAttributes': [ { 'userPropertyKey': 'string', 'thingAttribute': 'string', 'connectionAttribute': 'string' }, ] } } ) Parameters: * **thingTypeName** (*string*) -- **[REQUIRED]** The name of a thing type. * **thingTypeProperties** (*dict*) -- The ThingTypeProperties contains information about the thing type including: a thing type description, and a list of searchable thing attribute names. * **thingTypeDescription** *(string) --* The description of the thing type. * **searchableAttributes** *(list) --* A list of searchable thing attribute names. * *(string) --* * **mqtt5Configuration** *(dict) --* The configuration to add user-defined properties to enrich MQTT 5 messages. * **propagatingAttributes** *(list) --* An object that represents the propagating thing attributes and the connection attributes. * *(dict) --* An object that represents the connection attribute, thing attribute, and the user property key. * **userPropertyKey** *(string) --* The key of the user property key-value pair. * **thingAttribute** *(string) --* The user-defined thing attribute that is propagating for MQTT 5 message enrichment. * **connectionAttribute** *(string) --* The attribute associated with the connection between a device and Amazon Web Services IoT Core. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / close close ***** IoT.Client.close() Closes underlying endpoint connections. IoT / Client / describe_default_authorizer describe_default_authorizer *************************** IoT.Client.describe_default_authorizer() Describes the default authorizer. Requires permission to access the DescribeDefaultAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.describe_default_authorizer() Return type: dict Returns: **Response Syntax** { 'authorizerDescription': { 'authorizerName': 'string', 'authorizerArn': 'string', 'authorizerFunctionArn': 'string', 'tokenKeyName': 'string', 'tokenSigningPublicKeys': { 'string': 'string' }, 'status': 'ACTIVE'|'INACTIVE', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'signingDisabled': True|False, 'enableCachingForHttp': True|False } } **Response Structure** * *(dict) --* * **authorizerDescription** *(dict) --* The default authorizer's description. * **authorizerName** *(string) --* The authorizer name. * **authorizerArn** *(string) --* The authorizer ARN. * **authorizerFunctionArn** *(string) --* The authorizer's Lambda function ARN. * **tokenKeyName** *(string) --* The key used to extract the token from the HTTP headers. * **tokenSigningPublicKeys** *(dict) --* The public keys used to validate the token signature returned by your custom authentication service. * *(string) --* * *(string) --* * **status** *(string) --* The status of the authorizer. * **creationDate** *(datetime) --* The UNIX timestamp of when the authorizer was created. * **lastModifiedDate** *(datetime) --* The UNIX timestamp of when the authorizer was last updated. * **signingDisabled** *(boolean) --* Specifies whether IoT validates the token signature in an authorization request. * **enableCachingForHttp** *(boolean) --* When "true", the result from the authorizer’s Lambda function is cached for the time specified in "refreshAfterInSeconds". The cached result is used while the device reuses the same HTTP connection. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_fleet_metric update_fleet_metric ******************* IoT.Client.update_fleet_metric(**kwargs) Updates the data for a fleet metric. Requires permission to access the UpdateFleetMetric action. See also: AWS API Documentation **Request Syntax** response = client.update_fleet_metric( metricName='string', queryString='string', aggregationType={ 'name': 'Statistics'|'Percentiles'|'Cardinality', 'values': [ 'string', ] }, period=123, aggregationField='string', description='string', queryVersion='string', indexName='string', unit='Seconds'|'Microseconds'|'Milliseconds'|'Bytes'|'Kilobytes'|'Megabytes'|'Gigabytes'|'Terabytes'|'Bits'|'Kilobits'|'Megabits'|'Gigabits'|'Terabits'|'Percent'|'Count'|'Bytes/Second'|'Kilobytes/Second'|'Megabytes/Second'|'Gigabytes/Second'|'Terabytes/Second'|'Bits/Second'|'Kilobits/Second'|'Megabits/Second'|'Gigabits/Second'|'Terabits/Second'|'Count/Second'|'None', expectedVersion=123 ) Parameters: * **metricName** (*string*) -- **[REQUIRED]** The name of the fleet metric to update. * **queryString** (*string*) -- The search query string. * **aggregationType** (*dict*) -- The type of the aggregation query. * **name** *(string) --* **[REQUIRED]** The name of the aggregation type. * **values** *(list) --* A list of the values of aggregation types. * *(string) --* * **period** (*integer*) -- The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60. * **aggregationField** (*string*) -- The field to aggregate. * **description** (*string*) -- The description of the fleet metric. * **queryVersion** (*string*) -- The version of the query. * **indexName** (*string*) -- **[REQUIRED]** The name of the index to search. * **unit** (*string*) -- Used to support unit transformation such as milliseconds to seconds. The unit must be supported by CW metric. * **expectedVersion** (*integer*) -- The expected version of the fleet metric record in the registry. Returns: None **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidQueryException" * "IoT.Client.exceptions.InvalidAggregationException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.IndexNotReadyException" IoT / Client / associate_targets_with_job associate_targets_with_job ************************** IoT.Client.associate_targets_with_job(**kwargs) Associates a group with a continuous job. The following criteria must be met: * The job must have been created with the "targetSelection" field set to "CONTINUOUS". * The job status must currently be "IN_PROGRESS". * The total number of targets associated with a job must not exceed 100. Requires permission to access the AssociateTargetsWithJob action. See also: AWS API Documentation **Request Syntax** response = client.associate_targets_with_job( targets=[ 'string', ], jobId='string', comment='string', namespaceId='string' ) Parameters: * **targets** (*list*) -- **[REQUIRED]** A list of thing group ARNs that define the targets of the job. * *(string) --* * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **comment** (*string*) -- An optional comment string describing why the job was associated with the targets. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. Return type: dict Returns: **Response Syntax** { 'jobArn': 'string', 'jobId': 'string', 'description': 'string' } **Response Structure** * *(dict) --* * **jobArn** *(string) --* An ARN identifying the job. * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **description** *(string) --* A short text description of the job. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / describe_detect_mitigation_actions_task describe_detect_mitigation_actions_task *************************************** IoT.Client.describe_detect_mitigation_actions_task(**kwargs) Gets information about a Device Defender ML Detect mitigation action. Requires permission to access the DescribeDetectMitigationActionsTask action. See also: AWS API Documentation **Request Syntax** response = client.describe_detect_mitigation_actions_task( taskId='string' ) Parameters: **taskId** (*string*) -- **[REQUIRED]** The unique identifier of the task. Return type: dict Returns: **Response Syntax** { 'taskSummary': { 'taskId': 'string', 'taskStatus': 'IN_PROGRESS'|'SUCCESSFUL'|'FAILED'|'CANCELED', 'taskStartTime': datetime(2015, 1, 1), 'taskEndTime': datetime(2015, 1, 1), 'target': { 'violationIds': [ 'string', ], 'securityProfileName': 'string', 'behaviorName': 'string' }, 'violationEventOccurrenceRange': { 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1) }, 'onlyActiveViolationsIncluded': True|False, 'suppressedAlertsIncluded': True|False, 'actionsDefinition': [ { 'name': 'string', 'id': 'string', 'roleArn': 'string', 'actionParams': { 'updateDeviceCertificateParams': { 'action': 'DEACTIVATE' }, 'updateCACertificateParams': { 'action': 'DEACTIVATE' }, 'addThingsToThingGroupParams': { 'thingGroupNames': [ 'string', ], 'overrideDynamicGroups': True|False }, 'replaceDefaultPolicyVersionParams': { 'templateName': 'BLANK_POLICY' }, 'enableIoTLoggingParams': { 'roleArnForLogging': 'string', 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' }, 'publishFindingToSnsParams': { 'topicArn': 'string' } } }, ], 'taskStatistics': { 'actionsExecuted': 123, 'actionsSkipped': 123, 'actionsFailed': 123 } } } **Response Structure** * *(dict) --* * **taskSummary** *(dict) --* The description of a task. * **taskId** *(string) --* The unique identifier of the task. * **taskStatus** *(string) --* The status of the task. * **taskStartTime** *(datetime) --* The date the task started. * **taskEndTime** *(datetime) --* The date the task ended. * **target** *(dict) --* Specifies the ML Detect findings to which the mitigation actions are applied. * **violationIds** *(list) --* The unique identifiers of the violations. * *(string) --* * **securityProfileName** *(string) --* The name of the security profile. * **behaviorName** *(string) --* The name of the behavior. * **violationEventOccurrenceRange** *(dict) --* Specifies the time period of which violation events occurred between. * **startTime** *(datetime) --* The start date and time of a time period in which violation events occurred. * **endTime** *(datetime) --* The end date and time of a time period in which violation events occurred. * **onlyActiveViolationsIncluded** *(boolean) --* Includes only active violations. * **suppressedAlertsIncluded** *(boolean) --* Includes suppressed alerts. * **actionsDefinition** *(list) --* The definition of the actions. * *(dict) --* Describes which changes should be applied as part of a mitigation action. * **name** *(string) --* A user-friendly name for the mitigation action. * **id** *(string) --* A unique identifier for the mitigation action. * **roleArn** *(string) --* The IAM role ARN used to apply this mitigation action. * **actionParams** *(dict) --* The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply. * **updateDeviceCertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the device certificate to inactive. * **action** *(string) --* The action that you want to apply to the device certificate. The only supported value is "DEACTIVATE". * **updateCACertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the CA certificate to inactive. * **action** *(string) --* The action that you want to apply to the CA certificate. The only supported value is "DEACTIVATE". * **addThingsToThingGroupParams** *(dict) --* Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. * **thingGroupNames** *(list) --* The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy. * *(string) --* * **overrideDynamicGroups** *(boolean) --* Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups. * **replaceDefaultPolicyVersionParams** *(dict) --* Parameters to define a mitigation action that adds a blank policy to restrict permissions. * **templateName** *(string) --* The name of the template to be applied. The only supported value is "BLANK_POLICY". * **enableIoTLoggingParams** *(dict) --* Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail. * **roleArnForLogging** *(string) --* The Amazon Resource Name (ARN) of the IAM role used for logging. * **logLevel** *(string) --* Specifies the type of information to be logged. * **publishFindingToSnsParams** *(dict) --* Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. * **topicArn** *(string) --* The ARN of the topic to which you want to publish the findings. * **taskStatistics** *(dict) --* The statistics of a mitigation action task. * **actionsExecuted** *(integer) --* The actions that were performed. * **actionsSkipped** *(integer) --* The actions that were skipped. * **actionsFailed** *(integer) --* The actions that failed. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_custom_metrics list_custom_metrics ******************* IoT.Client.list_custom_metrics(**kwargs) Lists your Device Defender detect custom metrics. Requires permission to access the ListCustomMetrics action. See also: AWS API Documentation **Request Syntax** response = client.list_custom_metrics( nextToken='string', maxResults=123 ) Parameters: * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. The default is 25. Return type: dict Returns: **Response Syntax** { 'metricNames': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **metricNames** *(list) --* The name of the custom metric. * *(string) --* * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_scheduled_audit delete_scheduled_audit ********************** IoT.Client.delete_scheduled_audit(**kwargs) Deletes a scheduled audit. Requires permission to access the DeleteScheduledAudit action. See also: AWS API Documentation **Request Syntax** response = client.delete_scheduled_audit( scheduledAuditName='string' ) Parameters: **scheduledAuditName** (*string*) -- **[REQUIRED]** The name of the scheduled audit you want to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_topic_rule_destination delete_topic_rule_destination ***************************** IoT.Client.delete_topic_rule_destination(**kwargs) Deletes a topic rule destination. Requires permission to access the DeleteTopicRuleDestination action. See also: AWS API Documentation **Request Syntax** response = client.delete_topic_rule_destination( arn='string' ) Parameters: **arn** (*string*) -- **[REQUIRED]** The ARN of the topic rule destination to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" IoT / Client / create_thing create_thing ************ IoT.Client.create_thing(**kwargs) Creates a thing record in the registry. If this call is made multiple times using the same thing name and configuration, the call will succeed. If this call is made with the same thing name but different configuration a "ResourceAlreadyExistsException" is thrown. Note: This is a control plane operation. See Authorization for information about authorizing control plane actions. Requires permission to access the CreateThing action. See also: AWS API Documentation **Request Syntax** response = client.create_thing( thingName='string', thingTypeName='string', attributePayload={ 'attributes': { 'string': 'string' }, 'merge': True|False }, billingGroupName='string' ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing to create. You can't change a thing's name after you create it. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing. * **thingTypeName** (*string*) -- The name of the thing type associated with the new thing. * **attributePayload** (*dict*) -- The attribute payload, which consists of up to three name/value pairs in a JSON document. For example: "{\"attributes\":{\"string1\":\"string2\"}}" * **attributes** *(dict) --* A JSON string containing up to three key-value pair in JSON format. For example: "{\"attributes\":{\"string1\":\"string2\"}}" * *(string) --* * *(string) --* * **merge** *(boolean) --* Specifies whether the list of attributes provided in the "AttributePayload" is merged with the attributes stored in the registry, instead of overwriting them. To remove an attribute, call "UpdateThing" with an empty attribute value. Note: The "merge" attribute is only valid when calling "UpdateThing" or "UpdateThingGroup". * **billingGroupName** (*string*) -- The name of the billing group the thing will be added to. Return type: dict Returns: **Response Syntax** { 'thingName': 'string', 'thingArn': 'string', 'thingId': 'string' } **Response Structure** * *(dict) --* The output of the CreateThing operation. * **thingName** *(string) --* The name of the new thing. * **thingArn** *(string) --* The ARN of the new thing. * **thingId** *(string) --* The thing ID. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / delete_ota_update delete_ota_update ***************** IoT.Client.delete_ota_update(**kwargs) Delete an OTA update. Requires permission to access the DeleteOTAUpdate action. See also: AWS API Documentation **Request Syntax** response = client.delete_ota_update( otaUpdateId='string', deleteStream=True|False, forceDeleteAWSJob=True|False ) Parameters: * **otaUpdateId** (*string*) -- **[REQUIRED]** The ID of the OTA update to delete. * **deleteStream** (*boolean*) -- When true, the stream created by the OTAUpdate process is deleted when the OTA update is deleted. Ignored if the stream specified in the OTAUpdate is supplied by the user. * **forceDeleteAWSJob** (*boolean*) -- When true, deletes the IoT job created by the OTAUpdate process even if it is "IN_PROGRESS". Otherwise, if the job is not in a terminal state ("COMPLETED" or "CANCELED") an exception will occur. The default is false. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.VersionConflictException" IoT / Client / list_active_violations list_active_violations ********************** IoT.Client.list_active_violations(**kwargs) Lists the active violations for a given Device Defender security profile. Requires permission to access the ListActiveViolations action. See also: AWS API Documentation **Request Syntax** response = client.list_active_violations( thingName='string', securityProfileName='string', behaviorCriteriaType='STATIC'|'STATISTICAL'|'MACHINE_LEARNING', listSuppressedAlerts=True|False, verificationState='FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', nextToken='string', maxResults=123 ) Parameters: * **thingName** (*string*) -- The name of the thing whose active violations are listed. * **securityProfileName** (*string*) -- The name of the Device Defender security profile for which violations are listed. * **behaviorCriteriaType** (*string*) -- The criteria for a behavior. * **listSuppressedAlerts** (*boolean*) -- A list of all suppressed alerts. * **verificationState** (*string*) -- The verification state of the violation (detect alarm). * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. Return type: dict Returns: **Response Syntax** { 'activeViolations': [ { 'violationId': 'string', 'thingName': 'string', 'securityProfileName': 'string', 'behavior': { 'name': 'string', 'metric': 'string', 'metricDimension': { 'dimensionName': 'string', 'operator': 'IN'|'NOT_IN' }, 'criteria': { 'comparisonOperator': 'less-than'|'less-than-equals'|'greater-than'|'greater-than-equals'|'in-cidr-set'|'not-in-cidr-set'|'in-port-set'|'not-in-port-set'|'in-set'|'not-in-set', 'value': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'durationSeconds': 123, 'consecutiveDatapointsToAlarm': 123, 'consecutiveDatapointsToClear': 123, 'statisticalThreshold': { 'statistic': 'string' }, 'mlDetectionConfig': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' } }, 'suppressAlerts': True|False, 'exportMetric': True|False }, 'lastViolationValue': { 'count': 123, 'cidrs': [ 'string', ], 'ports': [ 123, ], 'number': 123.0, 'numbers': [ 123.0, ], 'strings': [ 'string', ] }, 'violationEventAdditionalInfo': { 'confidenceLevel': 'LOW'|'MEDIUM'|'HIGH' }, 'verificationState': 'FALSE_POSITIVE'|'BENIGN_POSITIVE'|'TRUE_POSITIVE'|'UNKNOWN', 'verificationStateDescription': 'string', 'lastViolationTime': datetime(2015, 1, 1), 'violationStartTime': datetime(2015, 1, 1) }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **activeViolations** *(list) --* The list of active violations. * *(dict) --* Information about an active Device Defender security profile behavior violation. * **violationId** *(string) --* The ID of the active violation. * **thingName** *(string) --* The name of the thing responsible for the active violation. * **securityProfileName** *(string) --* The security profile with the behavior is in violation. * **behavior** *(dict) --* The behavior that is being violated. * **name** *(string) --* The name you've given to the behavior. * **metric** *(string) --* What is measured by the behavior. * **metricDimension** *(dict) --* The dimension for a metric in your behavior. For example, using a "TOPIC_FILTER" dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can't be used with custom metrics. * **dimensionName** *(string) --* A unique identifier for the dimension. * **operator** *(string) --* Defines how the "dimensionValues" of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the "IN" operator, a message will be counted only if its topic matches one of the topic filters. With "NOT_IN" operator, a message will be counted only if it doesn't match any of the topic filters. The operator is optional: if it's not provided (is "null"), it will be interpreted as "IN". * **criteria** *(dict) --* The criteria that determine if a device is behaving normally in regard to the "metric". Note: In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously. * **comparisonOperator** *(string) --* The operator that relates the thing measured ( "metric") to the criteria (containing a "value" or "statisticalThreshold"). Valid operators include: * "string-list": "in-set" and "not-in-set" * "number-list": "in-set" and "not-in-set" * "ip-address-list": "in-cidr-set" and "not-in-cidr- set" * "number": "less-than", "less-than-equals", "greater-than", and "greater-than-equals" * **value** *(dict) --* The value to be compared with the "metric". * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **durationSeconds** *(integer) --* Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, "NUM_MESSAGES_SENT"). For a "statisticalThreshhold" metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes. * **consecutiveDatapointsToAlarm** *(integer) --* If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. * **consecutiveDatapointsToClear** *(integer) --* If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. * **statisticalThreshold** *(dict) --* A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. * **statistic** *(string) --* The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( "durationSeconds") from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( "comparisonOperator") the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs. * **mlDetectionConfig** *(dict) --* The configuration of an ML Detect * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **suppressAlerts** *(boolean) --* Suppresses alerts. * **exportMetric** *(boolean) --* Value indicates exporting metrics related to the behavior when it is true. * **lastViolationValue** *(dict) --* The value of the metric (the measurement) that caused the most recent violation. * **count** *(integer) --* If the "comparisonOperator" calls for a numeric value, use this to specify that numeric value to be compared with the "metric". * **cidrs** *(list) --* If the "comparisonOperator" calls for a set of CIDRs, use this to specify that set to be compared with the "metric". * *(string) --* * **ports** *(list) --* If the "comparisonOperator" calls for a set of ports, use this to specify that set to be compared with the "metric". * *(integer) --* * **number** *(float) --* The numeral value of a metric. * **numbers** *(list) --* The numeral values of a metric. * *(float) --* * **strings** *(list) --* The string values of a metric. * *(string) --* * **violationEventAdditionalInfo** *(dict) --* The details of a violation event. * **confidenceLevel** *(string) --* The sensitivity of anomalous behavior evaluation. Can be "Low", "Medium", or "High". * **verificationState** *(string) --* The verification state of the violation (detect alarm). * **verificationStateDescription** *(string) --* The description of the verification state of the violation. * **lastViolationTime** *(datetime) --* The time the most recent violation occurred. * **violationStartTime** *(datetime) --* The time the violation started. * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / associate_sbom_with_package_version associate_sbom_with_package_version *********************************** IoT.Client.associate_sbom_with_package_version(**kwargs) Associates the selected software bill of materials (SBOM) with a specific software package version. Requires permission to access the AssociateSbomWithPackageVersion action. See also: AWS API Documentation **Request Syntax** response = client.associate_sbom_with_package_version( packageName='string', versionName='string', sbom={ 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, clientToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the new software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the new package version. * **sbom** (*dict*) -- **[REQUIRED]** A specific software bill of matrerials associated with a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **clientToken** (*string*) -- A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required. This field is autopopulated if not provided. Return type: dict Returns: **Response Syntax** { 'packageName': 'string', 'versionName': 'string', 'sbom': { 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, 'sbomValidationStatus': 'IN_PROGRESS'|'FAILED'|'SUCCEEDED' } **Response Structure** * *(dict) --* * **packageName** *(string) --* The name of the new software package. * **versionName** *(string) --* The name of the new package version. * **sbom** *(dict) --* A specific software bill of matrerials associated with a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **sbomValidationStatus** *(string) --* The status of the initial validation for the software bill of materials against the Software Package Data Exchange (SPDX) and CycloneDX industry standard formats. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ServiceQuotaExceededException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / describe_ca_certificate describe_ca_certificate *********************** IoT.Client.describe_ca_certificate(**kwargs) Describes a registered CA certificate. Requires permission to access the DescribeCACertificate action. See also: AWS API Documentation **Request Syntax** response = client.describe_ca_certificate( certificateId='string' ) Parameters: **certificateId** (*string*) -- **[REQUIRED]** The CA certificate identifier. Return type: dict Returns: **Response Syntax** { 'certificateDescription': { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE', 'certificatePem': 'string', 'ownedBy': 'string', 'creationDate': datetime(2015, 1, 1), 'autoRegistrationStatus': 'ENABLE'|'DISABLE', 'lastModifiedDate': datetime(2015, 1, 1), 'customerVersion': 123, 'generationId': 'string', 'validity': { 'notBefore': datetime(2015, 1, 1), 'notAfter': datetime(2015, 1, 1) }, 'certificateMode': 'DEFAULT'|'SNI_ONLY' }, 'registrationConfig': { 'templateBody': 'string', 'roleArn': 'string', 'templateName': 'string' } } **Response Structure** * *(dict) --* The output from the DescribeCACertificate operation. * **certificateDescription** *(dict) --* The CA certificate description. * **certificateArn** *(string) --* The CA certificate ARN. * **certificateId** *(string) --* The CA certificate ID. * **status** *(string) --* The status of a CA certificate. * **certificatePem** *(string) --* The CA certificate data, in PEM format. * **ownedBy** *(string) --* The owner of the CA certificate. * **creationDate** *(datetime) --* The date the CA certificate was created. * **autoRegistrationStatus** *(string) --* Whether the CA certificate configured for auto registration of device certificates. Valid values are "ENABLE" and "DISABLE" * **lastModifiedDate** *(datetime) --* The date the CA certificate was last modified. * **customerVersion** *(integer) --* The customer version of the CA certificate. * **generationId** *(string) --* The generation ID of the CA certificate. * **validity** *(dict) --* When the CA certificate is valid. * **notBefore** *(datetime) --* The certificate is not valid before this date. * **notAfter** *(datetime) --* The certificate is not valid after this date. * **certificateMode** *(string) --* The mode of the CA. All the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see certificate mode. * **registrationConfig** *(dict) --* Information about the registration configuration. * **templateBody** *(string) --* The template body. * **roleArn** *(string) --* The ARN of the role. * **templateName** *(string) --* The name of the provisioning template. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / get_package_version get_package_version ******************* IoT.Client.get_package_version(**kwargs) Gets information about the specified package version. Requires permission to access the GetPackageVersion action. See also: AWS API Documentation **Request Syntax** response = client.get_package_version( packageName='string', versionName='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the associated package. * **versionName** (*string*) -- **[REQUIRED]** The name of the target package version. Return type: dict Returns: **Response Syntax** { 'packageVersionArn': 'string', 'packageName': 'string', 'versionName': 'string', 'description': 'string', 'attributes': { 'string': 'string' }, 'artifact': { 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, 'status': 'DRAFT'|'PUBLISHED'|'DEPRECATED', 'errorReason': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'sbom': { 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, 'sbomValidationStatus': 'IN_PROGRESS'|'FAILED'|'SUCCEEDED', 'recipe': 'string' } **Response Structure** * *(dict) --* * **packageVersionArn** *(string) --* The ARN for the package version. * **packageName** *(string) --* The name of the software package. * **versionName** *(string) --* The name of the package version. * **description** *(string) --* The package version description. * **attributes** *(dict) --* Metadata that were added to the package version that can be used to define a package version’s configuration. * *(string) --* * *(string) --* * **artifact** *(dict) --* The various components that make up a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **status** *(string) --* The status associated to the package version. For more information, see Package version lifecycle. * **errorReason** *(string) --* Error reason for a package version failure during creation or update. * **creationDate** *(datetime) --* The date when the package version was created. * **lastModifiedDate** *(datetime) --* The date when the package version was last updated. * **sbom** *(dict) --* The software bill of materials for a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **sbomValidationStatus** *(string) --* The status of the validation for a new software bill of materials added to a software package version. * **recipe** *(string) --* The inline job document associated with a software package version used for a quick job deployment. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / update_mitigation_action update_mitigation_action ************************ IoT.Client.update_mitigation_action(**kwargs) Updates the definition for the specified mitigation action. Requires permission to access the UpdateMitigationAction action. See also: AWS API Documentation **Request Syntax** response = client.update_mitigation_action( actionName='string', roleArn='string', actionParams={ 'updateDeviceCertificateParams': { 'action': 'DEACTIVATE' }, 'updateCACertificateParams': { 'action': 'DEACTIVATE' }, 'addThingsToThingGroupParams': { 'thingGroupNames': [ 'string', ], 'overrideDynamicGroups': True|False }, 'replaceDefaultPolicyVersionParams': { 'templateName': 'BLANK_POLICY' }, 'enableIoTLoggingParams': { 'roleArnForLogging': 'string', 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' }, 'publishFindingToSnsParams': { 'topicArn': 'string' } } ) Parameters: * **actionName** (*string*) -- **[REQUIRED]** The friendly name for the mitigation action. You cannot change the name by using "UpdateMitigationAction". Instead, you must delete and recreate the mitigation action with the new name. * **roleArn** (*string*) -- The ARN of the IAM role that is used to apply the mitigation action. * **actionParams** (*dict*) -- Defines the type of action and the parameters for that action. * **updateDeviceCertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the device certificate to inactive. * **action** *(string) --* **[REQUIRED]** The action that you want to apply to the device certificate. The only supported value is "DEACTIVATE". * **updateCACertificateParams** *(dict) --* Parameters to define a mitigation action that changes the state of the CA certificate to inactive. * **action** *(string) --* **[REQUIRED]** The action that you want to apply to the CA certificate. The only supported value is "DEACTIVATE". * **addThingsToThingGroupParams** *(dict) --* Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. * **thingGroupNames** *(list) --* **[REQUIRED]** The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy. * *(string) --* * **overrideDynamicGroups** *(boolean) --* Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups. * **replaceDefaultPolicyVersionParams** *(dict) --* Parameters to define a mitigation action that adds a blank policy to restrict permissions. * **templateName** *(string) --* **[REQUIRED]** The name of the template to be applied. The only supported value is "BLANK_POLICY". * **enableIoTLoggingParams** *(dict) --* Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail. * **roleArnForLogging** *(string) --* **[REQUIRED]** The Amazon Resource Name (ARN) of the IAM role used for logging. * **logLevel** *(string) --* **[REQUIRED]** Specifies the type of information to be logged. * **publishFindingToSnsParams** *(dict) --* Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. * **topicArn** *(string) --* **[REQUIRED]** The ARN of the topic to which you want to publish the findings. Return type: dict Returns: **Response Syntax** { 'actionArn': 'string', 'actionId': 'string' } **Response Structure** * *(dict) --* * **actionArn** *(string) --* The ARN for the new mitigation action. * **actionId** *(string) --* A unique identifier for the mitigation action. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / create_domain_configuration create_domain_configuration *************************** IoT.Client.create_domain_configuration(**kwargs) Creates a domain configuration. Requires permission to access the CreateDomainConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.create_domain_configuration( domainConfigurationName='string', domainName='string', serverCertificateArns=[ 'string', ], validationCertificateArn='string', authorizerConfig={ 'defaultAuthorizerName': 'string', 'allowAuthorizerOverride': True|False }, serviceType='DATA'|'CREDENTIAL_PROVIDER'|'JOBS', tags=[ { 'Key': 'string', 'Value': 'string' }, ], tlsConfig={ 'securityPolicy': 'string' }, serverCertificateConfig={ 'enableOCSPCheck': True|False, 'ocspLambdaArn': 'string', 'ocspAuthorizedResponderArn': 'string' }, authenticationType='CUSTOM_AUTH_X509'|'CUSTOM_AUTH'|'AWS_X509'|'AWS_SIGV4'|'DEFAULT', applicationProtocol='SECURE_MQTT'|'MQTT_WSS'|'HTTPS'|'DEFAULT', clientCertificateConfig={ 'clientCertificateCallbackArn': 'string' } ) Parameters: * **domainConfigurationName** (*string*) -- **[REQUIRED]** The name of the domain configuration. This value must be unique to a region. * **domainName** (*string*) -- The name of the domain. * **serverCertificateArns** (*list*) -- The ARNs of the certificates that IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for Amazon Web Services-managed domains. * *(string) --* * **validationCertificateArn** (*string*) -- The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for Amazon Web Services-managed domains. * **authorizerConfig** (*dict*) -- An object that specifies the authorization service for a domain. * **defaultAuthorizerName** *(string) --* The name of the authorization service for a domain configuration. * **allowAuthorizerOverride** *(boolean) --* A Boolean that specifies whether the domain configuration's authorization service can be overridden. * **serviceType** (*string*) -- The type of service delivered by the endpoint. Note: Amazon Web Services IoT Core currently supports only the "DATA" service type. * **tags** (*list*) -- Metadata which can be used to manage the domain configuration. Note: For URI Request parameters use format: ...key1=value1&key2=value2...For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."For the cli-input-json file use format: "tags": "key1=value1&key2=value2..." * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* **[REQUIRED]** The tag's key. * **Value** *(string) --* The tag's value. * **tlsConfig** (*dict*) -- An object that specifies the TLS configuration for a domain. * **securityPolicy** *(string) --* The security policy for a domain configuration. For more information, see Security policies in the *Amazon Web Services IoT Core developer guide*. * **serverCertificateConfig** (*dict*) -- The server certificate configuration. * **enableOCSPCheck** *(boolean) --* A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Server certificate configuration for OCSP stapling from Amazon Web Services IoT Core Developer Guide. * **ocspLambdaArn** *(string) --* The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same Amazon Web Services account and region as the domain configuration. For more information, see Configuring server certificate OCSP for private endpoints in Amazon Web Services IoT Core from the Amazon Web Services IoT Core developer guide. * **ocspAuthorizedResponderArn** *(string) --* The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM). If provided, Amazon Web Services IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same Amazon Web Services account and region as the domain configuration. * **authenticationType** (*string*) -- An enumerated string that specifies the authentication type. * "CUSTOM_AUTH_X509" - Use custom authentication and authorization with additional details from the X.509 client certificate. * "CUSTOM_AUTH" - Use custom authentication and authorization. For more information, see Custom authentication and authorization. * "AWS_X509" - Use X.509 client certificates without custom authentication and authorization. For more information, see X.509 client certificates. * "AWS_SIGV4" - Use Amazon Web Services Signature Version 4. For more information, see IAM users, groups, and roles. * "DEFAULT" - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify authentication type. For more information, see Device communication protocols. * **applicationProtocol** (*string*) -- An enumerated string that specifies the application-layer protocol. * "SECURE_MQTT" - MQTT over TLS. * "MQTT_WSS" - MQTT over WebSocket. * "HTTPS" - HTTP over TLS. * "DEFAULT" - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify application_layer protocol. For more information, see Device communication protocols. * **clientCertificateConfig** (*dict*) -- An object that specifies the client certificate configuration for a domain. * **clientCertificateCallbackArn** *(string) --* The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection. Return type: dict Returns: **Response Syntax** { 'domainConfigurationName': 'string', 'domainConfigurationArn': 'string' } **Response Structure** * *(dict) --* * **domainConfigurationName** *(string) --* The name of the domain configuration. * **domainConfigurationArn** *(string) --* The ARN of the domain configuration. **Exceptions** * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.CertificateValidationException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / list_package_versions list_package_versions ********************* IoT.Client.list_package_versions(**kwargs) Lists the software package versions associated to the account. Requires permission to access the ListPackageVersions action. See also: AWS API Documentation **Request Syntax** response = client.list_package_versions( packageName='string', status='DRAFT'|'PUBLISHED'|'DEPRECATED', maxResults=123, nextToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the target software package. * **status** (*string*) -- The status of the package version. For more information, see Package version lifecycle. * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **nextToken** (*string*) -- The token for the next set of results. Return type: dict Returns: **Response Syntax** { 'packageVersionSummaries': [ { 'packageName': 'string', 'versionName': 'string', 'status': 'DRAFT'|'PUBLISHED'|'DEPRECATED', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **packageVersionSummaries** *(list) --* Lists the package versions associated to the package. * *(dict) --* A summary of information about a package version. * **packageName** *(string) --* The name of the associated software package. * **versionName** *(string) --* The name of the target package version. * **status** *(string) --* The status of the package version. For more information, see Package version lifecycle. * **creationDate** *(datetime) --* The date that the package version was created. * **lastModifiedDate** *(datetime) --* The date that the package version was last updated. * **nextToken** *(string) --* The token for the next set of results. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" IoT / Client / delete_job_execution delete_job_execution ******************** IoT.Client.delete_job_execution(**kwargs) Deletes a job execution. Requires permission to access the DeleteJobExecution action. See also: AWS API Documentation **Request Syntax** response = client.delete_job_execution( jobId='string', thingName='string', executionNumber=123, force=True|False, namespaceId='string' ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The ID of the job whose execution on a particular device will be deleted. * **thingName** (*string*) -- **[REQUIRED]** The name of the thing whose job execution will be deleted. * **executionNumber** (*integer*) -- **[REQUIRED]** The ID of the job execution to be deleted. The "executionNumber" refers to the execution of a particular job on a particular device. Note that once a job execution is deleted, the "executionNumber" may be reused by IoT, so be sure you get and use the correct value here. * **force** (*boolean*) -- (Optional) When true, you can delete a job execution which is "IN_PROGRESS". Otherwise, you can only delete a job execution which is in a terminal state ("SUCCEEDED", "FAILED", "REJECTED", "REMOVED" or "CANCELED") or an exception will occur. The default is false. Note: Deleting a job execution which is "IN_PROGRESS", will cause the device to be unable to access job information or update the job execution status. Use caution and ensure that the device is able to recover to a valid state. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. Returns: None **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InvalidStateTransitionException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / update_command update_command ************** IoT.Client.update_command(**kwargs) Update information about a command or mark a command for deprecation. See also: AWS API Documentation **Request Syntax** response = client.update_command( commandId='string', displayName='string', description='string', deprecated=True|False ) Parameters: * **commandId** (*string*) -- **[REQUIRED]** The unique identifier of the command to be updated. * **displayName** (*string*) -- The new user-friendly name to use in the console for the command. * **description** (*string*) -- A short text description of the command. * **deprecated** (*boolean*) -- A boolean that you can use to specify whether to deprecate a command. Return type: dict Returns: **Response Syntax** { 'commandId': 'string', 'displayName': 'string', 'description': 'string', 'deprecated': True|False, 'lastUpdatedAt': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **commandId** *(string) --* The unique identifier of the command. * **displayName** *(string) --* The updated user-friendly display name in the console for the command. * **description** *(string) --* The updated text description of the command. * **deprecated** *(boolean) --* The boolean that indicates whether the command was deprecated. * **lastUpdatedAt** *(datetime) --* The date and time (epoch timestamp in seconds) when the command was last updated. **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / get_cardinality get_cardinality *************** IoT.Client.get_cardinality(**kwargs) Returns the approximate count of unique values that match the query. Requires permission to access the GetCardinality action. See also: AWS API Documentation **Request Syntax** response = client.get_cardinality( indexName='string', queryString='string', aggregationField='string', queryVersion='string' ) Parameters: * **indexName** (*string*) -- The name of the index to search. * **queryString** (*string*) -- **[REQUIRED]** The search query string. * **aggregationField** (*string*) -- The field to aggregate. * **queryVersion** (*string*) -- The query version. Return type: dict Returns: **Response Syntax** { 'cardinality': 123 } **Response Structure** * *(dict) --* * **cardinality** *(integer) --* The approximate count of unique values that match the query. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidQueryException" * "IoT.Client.exceptions.InvalidAggregationException" * "IoT.Client.exceptions.IndexNotReadyException" IoT / Client / delete_dynamic_thing_group delete_dynamic_thing_group ************************** IoT.Client.delete_dynamic_thing_group(**kwargs) Deletes a dynamic thing group. Requires permission to access the DeleteDynamicThingGroup action. See also: AWS API Documentation **Request Syntax** response = client.delete_dynamic_thing_group( thingGroupName='string', expectedVersion=123 ) Parameters: * **thingGroupName** (*string*) -- **[REQUIRED]** The name of the dynamic thing group to delete. * **expectedVersion** (*integer*) -- The expected version of the dynamic thing group to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / create_keys_and_certificate create_keys_and_certificate *************************** IoT.Client.create_keys_and_certificate(**kwargs) Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call "CreateKeysAndCertificate" over MQTT from a device, for more information, see Provisioning MQTT API. **Note** This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location. Requires permission to access the CreateKeysAndCertificate action. See also: AWS API Documentation **Request Syntax** response = client.create_keys_and_certificate( setAsActive=True|False ) Parameters: **setAsActive** (*boolean*) -- Specifies whether the certificate is active. Return type: dict Returns: **Response Syntax** { 'certificateArn': 'string', 'certificateId': 'string', 'certificatePem': 'string', 'keyPair': { 'PublicKey': 'string', 'PrivateKey': 'string' } } **Response Structure** * *(dict) --* The output of the CreateKeysAndCertificate operation. * **certificateArn** *(string) --* The ARN of the certificate. * **certificateId** *(string) --* The ID of the certificate. IoT issues a default subject name for the certificate (for example, IoT Certificate). * **certificatePem** *(string) --* The certificate data, in PEM format. * **keyPair** *(dict) --* The generated key pair. * **PublicKey** *(string) --* The public key. * **PrivateKey** *(string) --* The private key. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_dimensions list_dimensions *************** IoT.Client.list_dimensions(**kwargs) List the set of dimensions that are defined for your Amazon Web Services accounts. Requires permission to access the ListDimensions action. See also: AWS API Documentation **Request Syntax** response = client.list_dimensions( nextToken='string', maxResults=123 ) Parameters: * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to retrieve at one time. Return type: dict Returns: **Response Syntax** { 'dimensionNames': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **dimensionNames** *(list) --* A list of the names of the defined dimensions. Use "DescribeDimension" to get details for a dimension. * *(string) --* * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / register_certificate register_certificate ******************** IoT.Client.register_certificate(**kwargs) Registers a device certificate with IoT in the same certificate mode as the signing CA. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered. Requires permission to access the RegisterCertificate action. See also: AWS API Documentation **Request Syntax** response = client.register_certificate( certificatePem='string', caCertificatePem='string', setAsActive=True|False, status='ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION' ) Parameters: * **certificatePem** (*string*) -- **[REQUIRED]** The certificate data, in PEM format. * **caCertificatePem** (*string*) -- The CA certificate used to sign the device certificate being registered. * **setAsActive** (*boolean*) -- A boolean value that specifies if the certificate is set to active. Valid values: "ACTIVE | INACTIVE" * **status** (*string*) -- The status of the register certificate request. Valid values that you can use include "ACTIVE", "INACTIVE", and "REVOKED". Return type: dict Returns: **Response Syntax** { 'certificateArn': 'string', 'certificateId': 'string' } **Response Structure** * *(dict) --* The output from the RegisterCertificate operation. * **certificateArn** *(string) --* The certificate ARN. * **certificateId** *(string) --* The certificate identifier. **Exceptions** * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.CertificateValidationException" * "IoT.Client.exceptions.CertificateStateException" * "IoT.Client.exceptions.CertificateConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / clear_default_authorizer clear_default_authorizer ************************ IoT.Client.clear_default_authorizer() Clears the default authorizer. Requires permission to access the ClearDefaultAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.clear_default_authorizer() Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_outgoing_certificates list_outgoing_certificates ************************** IoT.Client.list_outgoing_certificates(**kwargs) Lists certificates that are being transferred but not yet accepted. Requires permission to access the ListOutgoingCertificates action. See also: AWS API Documentation **Request Syntax** response = client.list_outgoing_certificates( pageSize=123, marker='string', ascendingOrder=True|False ) Parameters: * **pageSize** (*integer*) -- The result page size. * **marker** (*string*) -- The marker for the next set of results. * **ascendingOrder** (*boolean*) -- Specifies the order for results. If True, the results are returned in ascending order, based on the creation date. Return type: dict Returns: **Response Syntax** { 'outgoingCertificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'transferredTo': 'string', 'transferDate': datetime(2015, 1, 1), 'transferMessage': 'string', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* The output from the ListOutgoingCertificates operation. * **outgoingCertificates** *(list) --* The certificates that are being transferred but not yet accepted. * *(dict) --* A certificate that has been transferred but not yet accepted. * **certificateArn** *(string) --* The certificate ARN. * **certificateId** *(string) --* The certificate ID. * **transferredTo** *(string) --* The Amazon Web Services account to which the transfer was made. * **transferDate** *(datetime) --* The date the transfer was initiated. * **transferMessage** *(string) --* The transfer message. * **creationDate** *(datetime) --* The certificate creation date. * **nextMarker** *(string) --* The marker for the next set of results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_custom_metric delete_custom_metric ******************** IoT.Client.delete_custom_metric(**kwargs) Deletes a Device Defender detect custom metric. Requires permission to access the DeleteCustomMetric action. Note: Before you can delete a custom metric, you must first remove the custom metric from all security profiles it's a part of. The security profile associated with the custom metric can be found using the ListSecurityProfiles API with "metricName" set to your custom metric name. See also: AWS API Documentation **Request Syntax** response = client.delete_custom_metric( metricName='string' ) Parameters: **metricName** (*string*) -- **[REQUIRED]** The name of the custom metric. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_provisioning_template update_provisioning_template **************************** IoT.Client.update_provisioning_template(**kwargs) Updates a provisioning template. Requires permission to access the UpdateProvisioningTemplate action. See also: AWS API Documentation **Request Syntax** response = client.update_provisioning_template( templateName='string', description='string', enabled=True|False, defaultVersionId=123, provisioningRoleArn='string', preProvisioningHook={ 'payloadVersion': 'string', 'targetArn': 'string' }, removePreProvisioningHook=True|False ) Parameters: * **templateName** (*string*) -- **[REQUIRED]** The name of the provisioning template. * **description** (*string*) -- The description of the provisioning template. * **enabled** (*boolean*) -- True to enable the provisioning template, otherwise false. * **defaultVersionId** (*integer*) -- The ID of the default provisioning template version. * **provisioningRoleArn** (*string*) -- The ARN of the role associated with the provisioning template. This IoT role grants permission to provision a device. * **preProvisioningHook** (*dict*) -- Updates the pre-provisioning hook template. Only supports template of type "FLEET_PROVISIONING". For more information about provisioning template types, see type. * **payloadVersion** *(string) --* The payload that was sent to the target function. *Note:* Only Lambda functions are currently supported. * **targetArn** *(string) --* **[REQUIRED]** The ARN of the target function. *Note:* Only Lambda functions are currently supported. * **removePreProvisioningHook** (*boolean*) -- Removes pre- provisioning hook template. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" IoT / Client / list_indices list_indices ************ IoT.Client.list_indices(**kwargs) Lists the search indices. Requires permission to access the ListIndices action. See also: AWS API Documentation **Request Syntax** response = client.list_indices( nextToken='string', maxResults=123 ) Parameters: * **nextToken** (*string*) -- The token used to get the next set of results, or "null" if there are no additional results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. Return type: dict Returns: **Response Syntax** { 'indexNames': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **indexNames** *(list) --* The index names. * *(string) --* * **nextToken** *(string) --* The token used to get the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_fleet_metric describe_fleet_metric ********************* IoT.Client.describe_fleet_metric(**kwargs) Gets information about the specified fleet metric. Requires permission to access the DescribeFleetMetric action. See also: AWS API Documentation **Request Syntax** response = client.describe_fleet_metric( metricName='string' ) Parameters: **metricName** (*string*) -- **[REQUIRED]** The name of the fleet metric to describe. Return type: dict Returns: **Response Syntax** { 'metricName': 'string', 'queryString': 'string', 'aggregationType': { 'name': 'Statistics'|'Percentiles'|'Cardinality', 'values': [ 'string', ] }, 'period': 123, 'aggregationField': 'string', 'description': 'string', 'queryVersion': 'string', 'indexName': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'unit': 'Seconds'|'Microseconds'|'Milliseconds'|'Bytes'|'Kilobytes'|'Megabytes'|'Gigabytes'|'Terabytes'|'Bits'|'Kilobits'|'Megabits'|'Gigabits'|'Terabits'|'Percent'|'Count'|'Bytes/Second'|'Kilobytes/Second'|'Megabytes/Second'|'Gigabytes/Second'|'Terabytes/Second'|'Bits/Second'|'Kilobits/Second'|'Megabits/Second'|'Gigabits/Second'|'Terabits/Second'|'Count/Second'|'None', 'version': 123, 'metricArn': 'string' } **Response Structure** * *(dict) --* * **metricName** *(string) --* The name of the fleet metric to describe. * **queryString** *(string) --* The search query string. * **aggregationType** *(dict) --* The type of the aggregation query. * **name** *(string) --* The name of the aggregation type. * **values** *(list) --* A list of the values of aggregation types. * *(string) --* * **period** *(integer) --* The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60. * **aggregationField** *(string) --* The field to aggregate. * **description** *(string) --* The fleet metric description. * **queryVersion** *(string) --* The query version. * **indexName** *(string) --* The name of the index to search. * **creationDate** *(datetime) --* The date when the fleet metric is created. * **lastModifiedDate** *(datetime) --* The date when the fleet metric is last modified. * **unit** *(string) --* Used to support unit transformation such as milliseconds to seconds. The unit must be supported by CW metric. * **version** *(integer) --* The version of the fleet metric. * **metricArn** *(string) --* The ARN of the fleet metric to describe. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / describe_encryption_configuration describe_encryption_configuration ********************************* IoT.Client.describe_encryption_configuration() Retrieves the encryption configuration for resources and data of your Amazon Web Services account in Amazon Web Services IoT Core. For more information, see Key management in IoT from the *Amazon Web Services IoT Core Developer Guide*. See also: AWS API Documentation **Request Syntax** response = client.describe_encryption_configuration() Return type: dict Returns: **Response Syntax** { 'encryptionType': 'CUSTOMER_MANAGED_KMS_KEY'|'AWS_OWNED_KMS_KEY', 'kmsKeyArn': 'string', 'kmsAccessRoleArn': 'string', 'configurationDetails': { 'configurationStatus': 'HEALTHY'|'UNHEALTHY', 'errorCode': 'string', 'errorMessage': 'string' }, 'lastModifiedDate': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **encryptionType** *(string) --* The type of the Amazon Web Services Key Management Service (KMS) key. * **kmsKeyArn** *(string) --* The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on behalf of the customer. * **kmsAccessRoleArn** *(string) --* The ARN of the customer-managed KMS key. * **configurationDetails** *(dict) --* The encryption configuration details that include the status information of the KMS key and the KMS access role. * **configurationStatus** *(string) --* The health status of KMS key and KMS access role. If either KMS key or KMS access role is "UNHEALTHY", the return value will be "UNHEALTHY". To use a customer- managed KMS key, the value of "configurationStatus" must be "HEALTHY". * **errorCode** *(string) --* The error code that indicates either the KMS key or the KMS access role is "UNHEALTHY". Valid values: "KMS_KEY_VALIDATION_ERROR" and "ROLE_VALIDATION_ERROR". * **errorMessage** *(string) --* The detailed error message that corresponds to the "errorCode". * **lastModifiedDate** *(datetime) --* The date when encryption configuration is last updated. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_things list_things *********** IoT.Client.list_things(**kwargs) Lists your things. Use the **attributeName** and **attributeValue** parameters to filter your things. For example, calling "ListThings" with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute **Color** with the value **Red**. For more information, see List Things from the *Amazon Web Services IoT Core Developer Guide*. Requires permission to access the ListThings action. Note: You will not be charged for calling this API if an "Access denied" error is returned. You will also not be charged if no attributes or pagination token was provided in request and no pagination token and no results were returned. See also: AWS API Documentation **Request Syntax** response = client.list_things( nextToken='string', maxResults=123, attributeName='string', attributeValue='string', thingTypeName='string', usePrefixAttributeValue=True|False ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return in this operation. * **attributeName** (*string*) -- The attribute name used to search for things. * **attributeValue** (*string*) -- The attribute value used to search for things. * **thingTypeName** (*string*) -- The name of the thing type used to search for things. * **usePrefixAttributeValue** (*boolean*) -- When "true", the action returns the thing resources with attribute values that start with the "attributeValue" provided. When "false", or not present, the action returns only the thing resources with attribute values that match the entire "attributeValue" provided. Return type: dict Returns: **Response Syntax** { 'things': [ { 'thingName': 'string', 'thingTypeName': 'string', 'thingArn': 'string', 'attributes': { 'string': 'string' }, 'version': 123 }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListThings operation. * **things** *(list) --* The things. * *(dict) --* The properties of the thing, including thing name, thing type name, and a list of thing attributes. * **thingName** *(string) --* The name of the thing. * **thingTypeName** *(string) --* The name of the thing type, if the thing has been associated with a type. * **thingArn** *(string) --* The thing ARN. * **attributes** *(dict) --* A list of thing attributes which are name-value pairs. * *(string) --* * *(string) --* * **version** *(integer) --* The version of the thing record in the registry. * **nextToken** *(string) --* The token to use to get the next set of results. Will not be returned if operation has returned all results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_scheduled_audit update_scheduled_audit ********************** IoT.Client.update_scheduled_audit(**kwargs) Updates a scheduled audit, including which checks are performed and how often the audit takes place. Requires permission to access the UpdateScheduledAudit action. See also: AWS API Documentation **Request Syntax** response = client.update_scheduled_audit( frequency='DAILY'|'WEEKLY'|'BIWEEKLY'|'MONTHLY', dayOfMonth='string', dayOfWeek='SUN'|'MON'|'TUE'|'WED'|'THU'|'FRI'|'SAT', targetCheckNames=[ 'string', ], scheduledAuditName='string' ) Parameters: * **frequency** (*string*) -- How often the scheduled audit takes place, either "DAILY", "WEEKLY", "BIWEEKLY", or "MONTHLY". The start time of each audit is determined by the system. * **dayOfMonth** (*string*) -- The day of the month on which the scheduled audit takes place. This can be "1" through "31" or "LAST". This field is required if the "frequency" parameter is set to "MONTHLY". If days 29-31 are specified, and the month does not have that many days, the audit takes place on the "LAST" day of the month. * **dayOfWeek** (*string*) -- The day of the week on which the scheduled audit takes place. This can be one of "SUN", "MON", "TUE", "WED", "THU", "FRI", or "SAT". This field is required if the "frequency" parameter is set to "WEEKLY" or "BIWEEKLY". * **targetCheckNames** (*list*) -- Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **scheduledAuditName** (*string*) -- **[REQUIRED]** The name of the scheduled audit. (Max. 128 chars) Return type: dict Returns: **Response Syntax** { 'scheduledAuditArn': 'string' } **Response Structure** * *(dict) --* * **scheduledAuditArn** *(string) --* The ARN of the scheduled audit. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_logging_options get_logging_options ******************* IoT.Client.get_logging_options() Gets the logging options. NOTE: use of this command is not recommended. Use "GetV2LoggingOptions" instead. Requires permission to access the GetLoggingOptions action. See also: AWS API Documentation **Request Syntax** response = client.get_logging_options() Return type: dict Returns: **Response Syntax** { 'roleArn': 'string', 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' } **Response Structure** * *(dict) --* The output from the GetLoggingOptions operation. * **roleArn** *(string) --* The ARN of the IAM role that grants access. * **logLevel** *(string) --* The logging level. **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / delete_role_alias delete_role_alias ***************** IoT.Client.delete_role_alias(**kwargs) Deletes a role alias Requires permission to access the DeleteRoleAlias action. See also: AWS API Documentation **Request Syntax** response = client.delete_role_alias( roleAlias='string' ) Parameters: **roleAlias** (*string*) -- **[REQUIRED]** The role alias to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / delete_authorizer delete_authorizer ***************** IoT.Client.delete_authorizer(**kwargs) Deletes an authorizer. Requires permission to access the DeleteAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.delete_authorizer( authorizerName='string' ) Parameters: **authorizerName** (*string*) -- **[REQUIRED]** The name of the authorizer to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / attach_principal_policy attach_principal_policy *********************** IoT.Client.attach_principal_policy(**kwargs) Attaches the specified policy to the specified principal (certificate or other credential). **Note:** This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use AttachPolicy instead. Requires permission to access the AttachPrincipalPolicy action. Danger: This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity. See also: AWS API Documentation **Request Syntax** response = client.attach_principal_policy( policyName='string', principal='string' ) Parameters: * **policyName** (*string*) -- **[REQUIRED]** The policy name. * **principal** (*string*) -- **[REQUIRED]** The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID. Returns: None **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.LimitExceededException" IoT / Client / delete_billing_group delete_billing_group ******************** IoT.Client.delete_billing_group(**kwargs) Deletes the billing group. Requires permission to access the DeleteBillingGroup action. See also: AWS API Documentation **Request Syntax** response = client.delete_billing_group( billingGroupName='string', expectedVersion=123 ) Parameters: * **billingGroupName** (*string*) -- **[REQUIRED]** The name of the billing group. * **expectedVersion** (*integer*) -- The expected version of the billing group. If the version of the billing group does not match the expected version specified in the request, the "DeleteBillingGroup" request is rejected with a "VersionConflictException". Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_endpoint describe_endpoint ***************** IoT.Client.describe_endpoint(**kwargs) Returns or creates a unique endpoint specific to the Amazon Web Services account making the call. Note: The first time "DescribeEndpoint" is called, an endpoint is created. All subsequent calls to "DescribeEndpoint" return the same endpoint. Requires permission to access the DescribeEndpoint action. See also: AWS API Documentation **Request Syntax** response = client.describe_endpoint( endpointType='string' ) Parameters: **endpointType** (*string*) -- The endpoint type. Valid endpoint types include: * "iot:Data" - Returns a VeriSign signed data endpoint. * "iot:Data-ATS" - Returns an ATS signed data endpoint. * "iot:CredentialProvider" - Returns an IoT credentials provider API endpoint. * "iot:Jobs" - Returns an IoT device management Jobs API endpoint. We strongly recommend that customers use the newer "iot:Data- ATS" endpoint type to avoid issues related to the widespread distrust of Symantec certificate authorities. ATS Signed Certificates are more secure and are trusted by most popular browsers. Return type: dict Returns: **Response Syntax** { 'endpointAddress': 'string' } **Response Structure** * *(dict) --* The output from the DescribeEndpoint operation. * **endpointAddress** *(string) --* The endpoint. The format of the endpoint is as follows: *identifier*.iot.*region*.amazonaws.com. **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / get_policy get_policy ********** IoT.Client.get_policy(**kwargs) Gets information about the specified policy with the policy document of the default version. Requires permission to access the GetPolicy action. See also: AWS API Documentation **Request Syntax** response = client.get_policy( policyName='string' ) Parameters: **policyName** (*string*) -- **[REQUIRED]** The name of the policy. Return type: dict Returns: **Response Syntax** { 'policyName': 'string', 'policyArn': 'string', 'policyDocument': 'string', 'defaultVersionId': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'generationId': 'string' } **Response Structure** * *(dict) --* The output from the GetPolicy operation. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **policyDocument** *(string) --* The JSON document that describes the policy. * **defaultVersionId** *(string) --* The default policy version ID. * **creationDate** *(datetime) --* The date the policy was created. * **lastModifiedDate** *(datetime) --* The date the policy was last modified. * **generationId** *(string) --* The generation ID of the policy. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / remove_thing_from_thing_group remove_thing_from_thing_group ***************************** IoT.Client.remove_thing_from_thing_group(**kwargs) Remove the specified thing from the specified group. You must specify either a "thingGroupArn" or a "thingGroupName" to identify the thing group and either a "thingArn" or a "thingName" to identify the thing to remove from the thing group. Requires permission to access the RemoveThingFromThingGroup action. See also: AWS API Documentation **Request Syntax** response = client.remove_thing_from_thing_group( thingGroupName='string', thingGroupArn='string', thingName='string', thingArn='string' ) Parameters: * **thingGroupName** (*string*) -- The group name. * **thingGroupArn** (*string*) -- The group ARN. * **thingName** (*string*) -- The name of the thing to remove from the group. * **thingArn** (*string*) -- The ARN of the thing to remove from the group. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / remove_thing_from_billing_group remove_thing_from_billing_group ******************************* IoT.Client.remove_thing_from_billing_group(**kwargs) Removes the given thing from the billing group. Requires permission to access the RemoveThingFromBillingGroup action. Note: This call is asynchronous. It might take several seconds for the detachment to propagate. See also: AWS API Documentation **Request Syntax** response = client.remove_thing_from_billing_group( billingGroupName='string', billingGroupArn='string', thingName='string', thingArn='string' ) Parameters: * **billingGroupName** (*string*) -- The name of the billing group. * **billingGroupArn** (*string*) -- The ARN of the billing group. * **thingName** (*string*) -- The name of the thing to be removed from the billing group. * **thingArn** (*string*) -- The ARN of the thing to be removed from the billing group. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / list_sbom_validation_results list_sbom_validation_results **************************** IoT.Client.list_sbom_validation_results(**kwargs) The validation results for all software bill of materials (SBOM) attached to a specific software package version. Requires permission to access the ListSbomValidationResults action. See also: AWS API Documentation **Request Syntax** response = client.list_sbom_validation_results( packageName='string', versionName='string', validationResult='FAILED'|'SUCCEEDED', maxResults=123, nextToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the new software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the new package version. * **validationResult** (*string*) -- The end result of the * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **nextToken** (*string*) -- A token that can be used to retrieve the next set of results, or null if there are no additional results. Return type: dict Returns: **Response Syntax** { 'validationResultSummaries': [ { 'fileName': 'string', 'validationResult': 'FAILED'|'SUCCEEDED', 'errorCode': 'INCOMPATIBLE_FORMAT'|'FILE_SIZE_LIMIT_EXCEEDED', 'errorMessage': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **validationResultSummaries** *(list) --* A summary of the validation results for each software bill of materials attached to a software package version. * *(dict) --* A summary of the validation results for a specific software bill of materials (SBOM) attached to a software package version. * **fileName** *(string) --* The name of the SBOM file. * **validationResult** *(string) --* The end result of the SBOM validation. * **errorCode** *(string) --* The "errorCode" representing the validation failure error if the SBOM validation failed. * **errorMessage** *(string) --* The "errorMessage" representing the validation failure error if the SBOM validation failed. * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or null if there are no additional results. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / update_role_alias update_role_alias ***************** IoT.Client.update_role_alias(**kwargs) Updates a role alias. Requires permission to access the UpdateRoleAlias action. Warning: The value of credentialDurationSeconds must be less than or equal to the maximum session duration of the IAM role that the role alias references. For more information, see Modifying a role maximum session duration (Amazon Web Services API) from the Amazon Web Services Identity and Access Management User Guide. See also: AWS API Documentation **Request Syntax** response = client.update_role_alias( roleAlias='string', roleArn='string', credentialDurationSeconds=123 ) Parameters: * **roleAlias** (*string*) -- **[REQUIRED]** The role alias to update. * **roleArn** (*string*) -- The role ARN. * **credentialDurationSeconds** (*integer*) -- The number of seconds the credential will be valid. This value must be less than or equal to the maximum session duration of the IAM role that the role alias references. Return type: dict Returns: **Response Syntax** { 'roleAlias': 'string', 'roleAliasArn': 'string' } **Response Structure** * *(dict) --* * **roleAlias** *(string) --* The role alias. * **roleAliasArn** *(string) --* The role alias ARN. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / cancel_certificate_transfer cancel_certificate_transfer *************************** IoT.Client.cancel_certificate_transfer(**kwargs) Cancels a pending transfer for the specified certificate. **Note** Only the transfer source account can use this operation to cancel a transfer. (Transfer destinations can use RejectCertificateTransfer instead.) After transfer, IoT returns the certificate to the source account in the INACTIVE state. After the destination account has accepted the transfer, the transfer cannot be cancelled. After a certificate transfer is cancelled, the status of the certificate changes from PENDING_TRANSFER to INACTIVE. Requires permission to access the CancelCertificateTransfer action. See also: AWS API Documentation **Request Syntax** response = client.cancel_certificate_transfer( certificateId='string' ) Parameters: **certificateId** (*string*) -- **[REQUIRED]** The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) Returns: None **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.TransferAlreadyCompletedException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_certificate delete_certificate ****************** IoT.Client.delete_certificate(**kwargs) Deletes the specified certificate. A certificate cannot be deleted if it has a policy or IoT thing attached to it or if its status is set to ACTIVE. To delete a certificate, first use the DetachPolicy action to detach all policies. Next, use the UpdateCertificate action to set the certificate to the INACTIVE status. Requires permission to access the DeleteCertificate action. See also: AWS API Documentation **Request Syntax** response = client.delete_certificate( certificateId='string', forceDelete=True|False ) Parameters: * **certificateId** (*string*) -- **[REQUIRED]** The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **forceDelete** (*boolean*) -- Forces the deletion of a certificate if it is inactive and is not attached to an IoT thing. Returns: None **Exceptions** * "IoT.Client.exceptions.CertificateStateException" * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / delete_job_template delete_job_template ******************* IoT.Client.delete_job_template(**kwargs) Deletes the specified job template. See also: AWS API Documentation **Request Syntax** response = client.delete_job_template( jobTemplateId='string' ) Parameters: **jobTemplateId** (*string*) -- **[REQUIRED]** The unique identifier of the job template to delete. Returns: None **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_authorizer update_authorizer ***************** IoT.Client.update_authorizer(**kwargs) Updates an authorizer. Requires permission to access the UpdateAuthorizer action. See also: AWS API Documentation **Request Syntax** response = client.update_authorizer( authorizerName='string', authorizerFunctionArn='string', tokenKeyName='string', tokenSigningPublicKeys={ 'string': 'string' }, status='ACTIVE'|'INACTIVE', enableCachingForHttp=True|False ) Parameters: * **authorizerName** (*string*) -- **[REQUIRED]** The authorizer name. * **authorizerFunctionArn** (*string*) -- The ARN of the authorizer's Lambda function. * **tokenKeyName** (*string*) -- The key used to extract the token from the HTTP headers. * **tokenSigningPublicKeys** (*dict*) -- The public keys used to verify the token signature. * *(string) --* * *(string) --* * **status** (*string*) -- The status of the update authorizer request. * **enableCachingForHttp** (*boolean*) -- When "true", the result from the authorizer’s Lambda function is cached for the time specified in "refreshAfterInSeconds". The cached result is used while the device reuses the same HTTP connection. Return type: dict Returns: **Response Syntax** { 'authorizerName': 'string', 'authorizerArn': 'string' } **Response Structure** * *(dict) --* * **authorizerName** *(string) --* The authorizer name. * **authorizerArn** *(string) --* The authorizer ARN. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_topic_rules list_topic_rules **************** IoT.Client.list_topic_rules(**kwargs) Lists the rules for the specific topic. Requires permission to access the ListTopicRules action. See also: AWS API Documentation **Request Syntax** response = client.list_topic_rules( topic='string', maxResults=123, nextToken='string', ruleDisabled=True|False ) Parameters: * **topic** (*string*) -- The topic. * **maxResults** (*integer*) -- The maximum number of results to return. * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **ruleDisabled** (*boolean*) -- Specifies whether the rule is disabled. Return type: dict Returns: **Response Syntax** { 'rules': [ { 'ruleArn': 'string', 'ruleName': 'string', 'topicPattern': 'string', 'createdAt': datetime(2015, 1, 1), 'ruleDisabled': True|False }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* The output from the ListTopicRules operation. * **rules** *(list) --* The rules. * *(dict) --* Describes a rule. * **ruleArn** *(string) --* The rule ARN. * **ruleName** *(string) --* The name of the rule. * **topicPattern** *(string) --* The pattern for the topic names that apply. * **createdAt** *(datetime) --* The date and time the rule was created. * **ruleDisabled** *(boolean) --* Specifies whether the rule is disabled. * **nextToken** *(string) --* The token to use to get the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / disassociate_sbom_from_package_version disassociate_sbom_from_package_version ************************************** IoT.Client.disassociate_sbom_from_package_version(**kwargs) Disassociates the selected software bill of materials (SBOM) from a specific software package version. Requires permission to access the DisassociateSbomWithPackageVersion action. See also: AWS API Documentation **Request Syntax** response = client.disassociate_sbom_from_package_version( packageName='string', versionName='string', clientToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the new software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the new package version. * **clientToken** (*string*) -- A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required. This field is autopopulated if not provided. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / create_topic_rule_destination create_topic_rule_destination ***************************** IoT.Client.create_topic_rule_destination(**kwargs) Creates a topic rule destination. The destination must be confirmed prior to use. Requires permission to access the CreateTopicRuleDestination action. See also: AWS API Documentation **Request Syntax** response = client.create_topic_rule_destination( destinationConfiguration={ 'httpUrlConfiguration': { 'confirmationUrl': 'string' }, 'vpcConfiguration': { 'subnetIds': [ 'string', ], 'securityGroups': [ 'string', ], 'vpcId': 'string', 'roleArn': 'string' } } ) Parameters: **destinationConfiguration** (*dict*) -- **[REQUIRED]** The topic rule destination configuration. * **httpUrlConfiguration** *(dict) --* Configuration of the HTTP URL. * **confirmationUrl** *(string) --* **[REQUIRED]** The URL IoT uses to confirm ownership of or access to the topic rule destination URL. * **vpcConfiguration** *(dict) --* Configuration of the virtual private cloud (VPC) connection. * **subnetIds** *(list) --* **[REQUIRED]** The subnet IDs of the VPC destination. * *(string) --* * **securityGroups** *(list) --* The security groups of the VPC destination. * *(string) --* * **vpcId** *(string) --* **[REQUIRED]** The ID of the VPC. * **roleArn** *(string) --* **[REQUIRED]** The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). Return type: dict Returns: **Response Syntax** { 'topicRuleDestination': { 'arn': 'string', 'status': 'ENABLED'|'IN_PROGRESS'|'DISABLED'|'ERROR'|'DELETING', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'statusReason': 'string', 'httpUrlProperties': { 'confirmationUrl': 'string' }, 'vpcProperties': { 'subnetIds': [ 'string', ], 'securityGroups': [ 'string', ], 'vpcId': 'string', 'roleArn': 'string' } } } **Response Structure** * *(dict) --* * **topicRuleDestination** *(dict) --* The topic rule destination. * **arn** *(string) --* The topic rule destination URL. * **status** *(string) --* The status of the topic rule destination. Valid values are: IN_PROGRESS A topic rule destination was created but has not been confirmed. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. ENABLED Confirmation was completed, and traffic to this destination is allowed. You can set "status" to "DISABLED" by calling "UpdateTopicRuleDestination". DISABLED Confirmation was completed, and traffic to this destination is not allowed. You can set "status" to "ENABLED" by calling "UpdateTopicRuleDestination". ERROR Confirmation could not be completed, for example if the confirmation timed out. You can call "GetTopicRuleDestination" for details about the error. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. * **createdAt** *(datetime) --* The date and time when the topic rule destination was created. * **lastUpdatedAt** *(datetime) --* The date and time when the topic rule destination was last updated. * **statusReason** *(string) --* Additional details or reason why the topic rule destination is in the current status. * **httpUrlProperties** *(dict) --* Properties of the HTTP URL. * **confirmationUrl** *(string) --* The URL used to confirm the HTTP topic rule destination URL. * **vpcProperties** *(dict) --* Properties of the virtual private cloud (VPC) connection. * **subnetIds** *(list) --* The subnet IDs of the VPC destination. * *(string) --* * **securityGroups** *(list) --* The security groups of the VPC destination. * *(string) --* * **vpcId** *(string) --* The ID of the VPC. * **roleArn** *(string) --* The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / tag_resource tag_resource ************ IoT.Client.tag_resource(**kwargs) Adds to or modifies the tags of the given resource. Tags are metadata which can be used to manage a resource. Requires permission to access the TagResource action. See also: AWS API Documentation **Request Syntax** response = client.tag_resource( resourceArn='string', tags=[ { 'Key': 'string', 'Value': 'string' }, ] ) Parameters: * **resourceArn** (*string*) -- **[REQUIRED]** The ARN of the resource. * **tags** (*list*) -- **[REQUIRED]** The new or modified tags for the resource. * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* **[REQUIRED]** The tag's key. * **Value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.LimitExceededException" IoT / Client / list_things_in_billing_group list_things_in_billing_group **************************** IoT.Client.list_things_in_billing_group(**kwargs) Lists the things you have added to the given billing group. Requires permission to access the ListThingsInBillingGroup action. See also: AWS API Documentation **Request Syntax** response = client.list_things_in_billing_group( billingGroupName='string', nextToken='string', maxResults=123 ) Parameters: * **billingGroupName** (*string*) -- **[REQUIRED]** The name of the billing group. * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return per request. Return type: dict Returns: **Response Syntax** { 'things': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **things** *(list) --* A list of things in the billing group. * *(string) --* * **nextToken** *(string) --* The token to use to get the next set of results. Will not be returned if operation has returned all results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / get_package get_package *********** IoT.Client.get_package(**kwargs) Gets information about the specified software package. Requires permission to access the GetPackage action. See also: AWS API Documentation **Request Syntax** response = client.get_package( packageName='string' ) Parameters: **packageName** (*string*) -- **[REQUIRED]** The name of the target software package. Return type: dict Returns: **Response Syntax** { 'packageName': 'string', 'packageArn': 'string', 'description': 'string', 'defaultVersionName': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **packageName** *(string) --* The name of the software package. * **packageArn** *(string) --* The ARN for the package. * **description** *(string) --* The package description. * **defaultVersionName** *(string) --* The name of the default package version. * **creationDate** *(datetime) --* The date the package was created. * **lastModifiedDate** *(datetime) --* The date when the package was last updated. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / list_security_profiles list_security_profiles ********************** IoT.Client.list_security_profiles(**kwargs) Lists the Device Defender security profiles you've created. You can filter security profiles by dimension or custom metric. Requires permission to access the ListSecurityProfiles action. Note: "dimensionName" and "metricName" cannot be used in the same request. See also: AWS API Documentation **Request Syntax** response = client.list_security_profiles( nextToken='string', maxResults=123, dimensionName='string', metricName='string' ) Parameters: * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **dimensionName** (*string*) -- A filter to limit results to the security profiles that use the defined dimension. Cannot be used with "metricName" * **metricName** (*string*) -- The name of the custom metric. Cannot be used with "dimensionName". Return type: dict Returns: **Response Syntax** { 'securityProfileIdentifiers': [ { 'name': 'string', 'arn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **securityProfileIdentifiers** *(list) --* A list of security profile identifiers (names and ARNs). * *(dict) --* Identifying information for a Device Defender security profile. * **name** *(string) --* The name you've given to the security profile. * **arn** *(string) --* The ARN of the security profile. * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / list_topic_rule_destinations list_topic_rule_destinations **************************** IoT.Client.list_topic_rule_destinations(**kwargs) Lists all the topic rule destinations in your Amazon Web Services account. Requires permission to access the ListTopicRuleDestinations action. See also: AWS API Documentation **Request Syntax** response = client.list_topic_rule_destinations( maxResults=123, nextToken='string' ) Parameters: * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. Return type: dict Returns: **Response Syntax** { 'destinationSummaries': [ { 'arn': 'string', 'status': 'ENABLED'|'IN_PROGRESS'|'DISABLED'|'ERROR'|'DELETING', 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'statusReason': 'string', 'httpUrlSummary': { 'confirmationUrl': 'string' }, 'vpcDestinationSummary': { 'subnetIds': [ 'string', ], 'securityGroups': [ 'string', ], 'vpcId': 'string', 'roleArn': 'string' } }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **destinationSummaries** *(list) --* Information about a topic rule destination. * *(dict) --* Information about the topic rule destination. * **arn** *(string) --* The topic rule destination ARN. * **status** *(string) --* The status of the topic rule destination. Valid values are: IN_PROGRESS A topic rule destination was created but has not been confirmed. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. ENABLED Confirmation was completed, and traffic to this destination is allowed. You can set "status" to "DISABLED" by calling "UpdateTopicRuleDestination". DISABLED Confirmation was completed, and traffic to this destination is not allowed. You can set "status" to "ENABLED" by calling "UpdateTopicRuleDestination". ERROR Confirmation could not be completed, for example if the confirmation timed out. You can call "GetTopicRuleDestination" for details about the error. You can set "status" to "IN_PROGRESS" by calling "UpdateTopicRuleDestination". Calling "UpdateTopicRuleDestination" causes a new confirmation challenge to be sent to your confirmation endpoint. * **createdAt** *(datetime) --* The date and time when the topic rule destination was created. * **lastUpdatedAt** *(datetime) --* The date and time when the topic rule destination was last updated. * **statusReason** *(string) --* The reason the topic rule destination is in the current status. * **httpUrlSummary** *(dict) --* Information about the HTTP URL. * **confirmationUrl** *(string) --* The URL used to confirm ownership of or access to the HTTP topic rule destination URL. * **vpcDestinationSummary** *(dict) --* Information about the virtual private cloud (VPC) connection. * **subnetIds** *(list) --* The subnet IDs of the VPC destination. * *(string) --* * **securityGroups** *(list) --* The security groups of the VPC destination. * *(string) --* * **vpcId** *(string) --* The ID of the VPC. * **roleArn** *(string) --* The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). * **nextToken** *(string) --* The token to use to get the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / update_custom_metric update_custom_metric ******************** IoT.Client.update_custom_metric(**kwargs) Updates a Device Defender detect custom metric. Requires permission to access the UpdateCustomMetric action. See also: AWS API Documentation **Request Syntax** response = client.update_custom_metric( metricName='string', displayName='string' ) Parameters: * **metricName** (*string*) -- **[REQUIRED]** The name of the custom metric. Cannot be updated. * **displayName** (*string*) -- **[REQUIRED]** Field represents a friendly name in the console for the custom metric, it doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. Can be updated. Return type: dict Returns: **Response Syntax** { 'metricName': 'string', 'metricArn': 'string', 'metricType': 'string-list'|'ip-address-list'|'number-list'|'number', 'displayName': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) } **Response Structure** * *(dict) --* * **metricName** *(string) --* The name of the custom metric. * **metricArn** *(string) --* The Amazon Resource Number (ARN) of the custom metric. * **metricType** *(string) --* The type of the custom metric. Warning: The type "number" only takes a single metric value as an input, but while submitting the metrics value in the DeviceMetrics report, it must be passed as an array with a single value. * **displayName** *(string) --* A friendly name in the console for the custom metric * **creationDate** *(datetime) --* The creation date of the custom metric in milliseconds since epoch. * **lastModifiedDate** *(datetime) --* The time the custom metric was last modified in milliseconds since epoch. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_audit_findings list_audit_findings ******************* IoT.Client.list_audit_findings(**kwargs) Lists the findings (results) of a Device Defender audit or of the audits performed during a specified time period. (Findings are retained for 90 days.) Requires permission to access the ListAuditFindings action. See also: AWS API Documentation **Request Syntax** response = client.list_audit_findings( taskId='string', checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, maxResults=123, nextToken='string', startTime=datetime(2015, 1, 1), endTime=datetime(2015, 1, 1), listSuppressedFindings=True|False ) Parameters: * **taskId** (*string*) -- A filter to limit results to the audit with the specified ID. You must specify either the taskId or the startTime and endTime, but not both. * **checkName** (*string*) -- A filter to limit results to the findings for the specified audit check. * **resourceIdentifier** (*dict*) -- Information identifying the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **maxResults** (*integer*) -- The maximum number of results to return at one time. The default is 25. * **nextToken** (*string*) -- The token for the next set of results. * **startTime** (*datetime*) -- A filter to limit results to those found after the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **endTime** (*datetime*) -- A filter to limit results to those found before the specified time. You must specify either the startTime and endTime or the taskId, but not both. * **listSuppressedFindings** (*boolean*) -- Boolean flag indicating whether only the suppressed findings or the unsuppressed findings should be listed. If this parameter isn't provided, the response will list both suppressed and unsuppressed findings. Return type: dict Returns: **Response Syntax** { 'findings': [ { 'findingId': 'string', 'taskId': 'string', 'checkName': 'string', 'taskStartTime': datetime(2015, 1, 1), 'findingTime': datetime(2015, 1, 1), 'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW', 'nonCompliantResource': { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, 'relatedResources': [ { 'resourceType': 'DEVICE_CERTIFICATE'|'CA_CERTIFICATE'|'IOT_POLICY'|'COGNITO_IDENTITY_POOL'|'CLIENT_ID'|'ACCOUNT_SETTINGS'|'ROLE_ALIAS'|'IAM_ROLE'|'ISSUER_CERTIFICATE', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'additionalInfo': { 'string': 'string' } }, ], 'reasonForNonCompliance': 'string', 'reasonForNonComplianceCode': 'string', 'isSuppressed': True|False }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **findings** *(list) --* The findings (results) of the audit. * *(dict) --* The findings (results) of the audit. * **findingId** *(string) --* A unique identifier for this set of audit findings. This identifier is used to apply mitigation tasks to one or more sets of findings. * **taskId** *(string) --* The ID of the audit that generated this result (finding). * **checkName** *(string) --* The audit check that generated this result. * **taskStartTime** *(datetime) --* The time the audit started. * **findingTime** *(datetime) --* The time the result (finding) was discovered. * **severity** *(string) --* The severity of the result (finding). * **nonCompliantResource** *(dict) --* The resource that was found to be noncompliant with the audit check. * **resourceType** *(string) --* The type of the noncompliant resource. * **resourceIdentifier** *(dict) --* Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **additionalInfo** *(dict) --* Other information about the noncompliant resource. * *(string) --* * *(string) --* * **relatedResources** *(list) --* The list of related resources. * *(dict) --* Information about a related resource. * **resourceType** *(string) --* The type of resource. * **resourceIdentifier** *(dict) --* Information that identifies the resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **additionalInfo** *(dict) --* Other information about the resource. * *(string) --* * *(string) --* * **reasonForNonCompliance** *(string) --* The reason the resource was noncompliant. * **reasonForNonComplianceCode** *(string) --* A code that indicates the reason that the resource was noncompliant. * **isSuppressed** *(boolean) --* Indicates whether the audit finding was suppressed or not during reporting. * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_domain_configuration update_domain_configuration *************************** IoT.Client.update_domain_configuration(**kwargs) Updates values stored in the domain configuration. Domain configurations for default endpoints can't be updated. Requires permission to access the UpdateDomainConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.update_domain_configuration( domainConfigurationName='string', authorizerConfig={ 'defaultAuthorizerName': 'string', 'allowAuthorizerOverride': True|False }, domainConfigurationStatus='ENABLED'|'DISABLED', removeAuthorizerConfig=True|False, tlsConfig={ 'securityPolicy': 'string' }, serverCertificateConfig={ 'enableOCSPCheck': True|False, 'ocspLambdaArn': 'string', 'ocspAuthorizedResponderArn': 'string' }, authenticationType='CUSTOM_AUTH_X509'|'CUSTOM_AUTH'|'AWS_X509'|'AWS_SIGV4'|'DEFAULT', applicationProtocol='SECURE_MQTT'|'MQTT_WSS'|'HTTPS'|'DEFAULT', clientCertificateConfig={ 'clientCertificateCallbackArn': 'string' } ) Parameters: * **domainConfigurationName** (*string*) -- **[REQUIRED]** The name of the domain configuration to be updated. * **authorizerConfig** (*dict*) -- An object that specifies the authorization service for a domain. * **defaultAuthorizerName** *(string) --* The name of the authorization service for a domain configuration. * **allowAuthorizerOverride** *(boolean) --* A Boolean that specifies whether the domain configuration's authorization service can be overridden. * **domainConfigurationStatus** (*string*) -- The status to which the domain configuration should be updated. * **removeAuthorizerConfig** (*boolean*) -- Removes the authorization configuration from a domain. * **tlsConfig** (*dict*) -- An object that specifies the TLS configuration for a domain. * **securityPolicy** *(string) --* The security policy for a domain configuration. For more information, see Security policies in the *Amazon Web Services IoT Core developer guide*. * **serverCertificateConfig** (*dict*) -- The server certificate configuration. * **enableOCSPCheck** *(boolean) --* A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see Server certificate configuration for OCSP stapling from Amazon Web Services IoT Core Developer Guide. * **ocspLambdaArn** *(string) --* The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same Amazon Web Services account and region as the domain configuration. For more information, see Configuring server certificate OCSP for private endpoints in Amazon Web Services IoT Core from the Amazon Web Services IoT Core developer guide. * **ocspAuthorizedResponderArn** *(string) --* The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM). If provided, Amazon Web Services IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same Amazon Web Services account and region as the domain configuration. * **authenticationType** (*string*) -- An enumerated string that specifies the authentication type. * "CUSTOM_AUTH_X509" - Use custom authentication and authorization with additional details from the X.509 client certificate. * "CUSTOM_AUTH" - Use custom authentication and authorization. For more information, see Custom authentication and authorization. * "AWS_X509" - Use X.509 client certificates without custom authentication and authorization. For more information, see X.509 client certificates. * "AWS_SIGV4" - Use Amazon Web Services Signature Version 4. For more information, see IAM users, groups, and roles. * "DEFAULT" - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify authentication type. For more information, see Device communication protocols. * **applicationProtocol** (*string*) -- An enumerated string that specifies the application-layer protocol. * "SECURE_MQTT" - MQTT over TLS. * "MQTT_WSS" - MQTT over WebSocket. * "HTTPS" - HTTP over TLS. * "DEFAULT" - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify application_layer protocol. For more information, see Device communication protocols. * **clientCertificateConfig** (*dict*) -- An object that specifies the client certificate configuration for a domain. * **clientCertificateCallbackArn** *(string) --* The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection. Return type: dict Returns: **Response Syntax** { 'domainConfigurationName': 'string', 'domainConfigurationArn': 'string' } **Response Structure** * *(dict) --* * **domainConfigurationName** *(string) --* The name of the domain configuration that was updated. * **domainConfigurationArn** *(string) --* The ARN of the domain configuration that was updated. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.CertificateValidationException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / attach_thing_principal attach_thing_principal ********************** IoT.Client.attach_thing_principal(**kwargs) Attaches the specified principal to the specified thing. A principal can be X.509 certificates, Amazon Cognito identities or federated identities. Requires permission to access the AttachThingPrincipal action. See also: AWS API Documentation **Request Syntax** response = client.attach_thing_principal( thingName='string', principal='string', thingPrincipalType='EXCLUSIVE_THING'|'NON_EXCLUSIVE_THING' ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The name of the thing. * **principal** (*string*) -- **[REQUIRED]** The principal, which can be a certificate ARN (as returned from the CreateCertificate operation) or an Amazon Cognito ID. * **thingPrincipalType** (*string*) -- The type of the relation you want to specify when you attach a principal to a thing. * "EXCLUSIVE_THING" - Attaches the specified principal to the specified thing, exclusively. The thing will be the only thing that’s attached to the principal. * "NON_EXCLUSIVE_THING" - Attaches the specified principal to the specified thing. Multiple things can be attached to the principal. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* The output from the AttachThingPrincipal operation. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / update_package_version update_package_version ********************** IoT.Client.update_package_version(**kwargs) Updates the supported fields for a specific package version. Requires permission to access the UpdatePackageVersion and GetIndexingConfiguration actions. See also: AWS API Documentation **Request Syntax** response = client.update_package_version( packageName='string', versionName='string', description='string', attributes={ 'string': 'string' }, artifact={ 's3Location': { 'bucket': 'string', 'key': 'string', 'version': 'string' } }, action='PUBLISH'|'DEPRECATE', recipe='string', clientToken='string' ) Parameters: * **packageName** (*string*) -- **[REQUIRED]** The name of the associated software package. * **versionName** (*string*) -- **[REQUIRED]** The name of the target package version. * **description** (*string*) -- The package version description. * **attributes** (*dict*) -- Metadata that can be used to define a package version’s configuration. For example, the Amazon S3 file location, configuration options that are being sent to the device or fleet. **Note:** Attributes can be updated only when the package version is in a draft state. The combined size of all the attributes on a package version is limited to 3KB. * *(string) --* * *(string) --* * **artifact** (*dict*) -- The various components that make up a software package version. * **s3Location** *(dict) --* The S3 location. * **bucket** *(string) --* The S3 bucket. * **key** *(string) --* The S3 key. * **version** *(string) --* The S3 bucket version. * **action** (*string*) -- The status that the package version should be assigned. For more information, see Package version lifecycle. * **recipe** (*string*) -- The inline job document associated with a software package version used for a quick job deployment. * **clientToken** (*string*) -- A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required. This field is autopopulated if not provided. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ConflictException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / list_certificates_by_ca list_certificates_by_ca *********************** IoT.Client.list_certificates_by_ca(**kwargs) List the device certificates signed by the specified CA certificate. Requires permission to access the ListCertificatesByCA action. See also: AWS API Documentation **Request Syntax** response = client.list_certificates_by_ca( caCertificateId='string', pageSize=123, marker='string', ascendingOrder=True|False ) Parameters: * **caCertificateId** (*string*) -- **[REQUIRED]** The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate. * **pageSize** (*integer*) -- The result page size. * **marker** (*string*) -- The marker for the next set of results. * **ascendingOrder** (*boolean*) -- Specifies the order for results. If True, the results are returned in ascending order, based on the creation date. Return type: dict Returns: **Response Syntax** { 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION', 'certificateMode': 'DEFAULT'|'SNI_ONLY', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* The output of the ListCertificatesByCA operation. * **certificates** *(list) --* The device certificates signed by the specified CA certificate. * *(dict) --* Information about a certificate. * **certificateArn** *(string) --* The ARN of the certificate. * **certificateId** *(string) --* The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **status** *(string) --* The status of the certificate. The status value REGISTER_INACTIVE is deprecated and should not be used. * **certificateMode** *(string) --* The mode of the certificate. "DEFAULT": A certificate in "DEFAULT" mode is either generated by Amazon Web Services IoT Core or registered with an issuer certificate authority (CA) in "DEFAULT" mode. Devices with certificates in "DEFAULT" mode aren't required to send the Server Name Indication (SNI) extension when connecting to Amazon Web Services IoT Core. However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to Amazon Web Services IoT Core. "SNI_ONLY": A certificate in "SNI_ONLY" mode is registered without an issuer CA. Devices with certificates in "SNI_ONLY" mode must send the SNI extension when connecting to Amazon Web Services IoT Core. * **creationDate** *(datetime) --* The date and time the certificate was created. * **nextMarker** *(string) --* The marker for the next set of results, or null if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_thing_registration_tasks list_thing_registration_tasks ***************************** IoT.Client.list_thing_registration_tasks(**kwargs) List bulk thing provisioning tasks. Requires permission to access the ListThingRegistrationTasks action. See also: AWS API Documentation **Request Syntax** response = client.list_thing_registration_tasks( nextToken='string', maxResults=123, status='InProgress'|'Completed'|'Failed'|'Cancelled'|'Cancelling' ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. * **status** (*string*) -- The status of the bulk thing provisioning task. Return type: dict Returns: **Response Syntax** { 'taskIds': [ 'string', ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **taskIds** *(list) --* A list of bulk thing provisioning task IDs. * *(string) --* * **nextToken** *(string) --* The token to use to get the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / start_audit_mitigation_actions_task start_audit_mitigation_actions_task *********************************** IoT.Client.start_audit_mitigation_actions_task(**kwargs) Starts a task that applies a set of mitigation actions to the specified target. Requires permission to access the StartAuditMitigationActionsTask action. See also: AWS API Documentation **Request Syntax** response = client.start_audit_mitigation_actions_task( taskId='string', target={ 'auditTaskId': 'string', 'findingIds': [ 'string', ], 'auditCheckToReasonCodeFilter': { 'string': [ 'string', ] } }, auditCheckToActionsMapping={ 'string': [ 'string', ] }, clientRequestToken='string' ) Parameters: * **taskId** (*string*) -- **[REQUIRED]** A unique identifier for the task. You can use this identifier to check the status of the task or to cancel it. * **target** (*dict*) -- **[REQUIRED]** Specifies the audit findings to which the mitigation actions are applied. You can apply them to a type of audit check, to all findings from an audit, or to a specific set of findings. * **auditTaskId** *(string) --* If the task will apply a mitigation action to findings from a specific audit, this value uniquely identifies the audit. * **findingIds** *(list) --* If the task will apply a mitigation action to one or more listed findings, this value uniquely identifies those findings. * *(string) --* * **auditCheckToReasonCodeFilter** *(dict) --* Specifies a filter in the form of an audit check and set of reason codes that identify the findings from the audit to which the audit mitigation actions task apply. * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * *(list) --* * *(string) --* * **auditCheckToActionsMapping** (*dict*) -- **[REQUIRED]** For an audit check, specifies which mitigation actions to apply. Those actions must be defined in your Amazon Web Services accounts. * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * *(list) --* * *(string) --* * **clientRequestToken** (*string*) -- **[REQUIRED]** Each audit mitigation task must have a unique client request token. If you try to start a new task with the same token as a task that already exists, an exception occurs. If you omit this value, a unique client request token is generated automatically. This field is autopopulated if not provided. Return type: dict Returns: **Response Syntax** { 'taskId': 'string' } **Response Structure** * *(dict) --* * **taskId** *(string) --* The unique identifier for the audit mitigation task. This matches the "taskId" that you specified in the request. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.TaskAlreadyExistsException" * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_fleet_metrics list_fleet_metrics ****************** IoT.Client.list_fleet_metrics(**kwargs) Lists all your fleet metrics. Requires permission to access the ListFleetMetrics action. See also: AWS API Documentation **Request Syntax** response = client.list_fleet_metrics( nextToken='string', maxResults=123 ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise "null" to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return in this operation. Return type: dict Returns: **Response Syntax** { 'fleetMetrics': [ { 'metricName': 'string', 'metricArn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **fleetMetrics** *(list) --* The list of fleet metrics objects. * *(dict) --* The name and ARN of a fleet metric. * **metricName** *(string) --* The fleet metric name. * **metricArn** *(string) --* The fleet metric ARN. * **nextToken** *(string) --* The token for the next set of results. Will not be returned if the operation has returned all results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / detach_principal_policy detach_principal_policy *********************** IoT.Client.detach_principal_policy(**kwargs) Removes the specified policy from the specified certificate. **Note:** This action is deprecated and works as expected for backward compatibility, but we won't add enhancements. Use DetachPolicy instead. Requires permission to access the DetachPrincipalPolicy action. Danger: This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity. See also: AWS API Documentation **Request Syntax** response = client.detach_principal_policy( policyName='string', principal='string' ) Parameters: * **policyName** (*string*) -- **[REQUIRED]** The name of the policy to detach. * **principal** (*string*) -- **[REQUIRED]** The principal. Valid principals are CertificateArn (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and CognitoId (*region*:*id*). Returns: None **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / get_statistics get_statistics ************** IoT.Client.get_statistics(**kwargs) Returns the count, average, sum, minimum, maximum, sum of squares, variance, and standard deviation for the specified aggregated field. If the aggregation field is of type "String", only the count statistic is returned. Requires permission to access the GetStatistics action. See also: AWS API Documentation **Request Syntax** response = client.get_statistics( indexName='string', queryString='string', aggregationField='string', queryVersion='string' ) Parameters: * **indexName** (*string*) -- The name of the index to search. The default value is "AWS_Things". * **queryString** (*string*) -- **[REQUIRED]** The query used to search. You can specify "*" for the query string to get the count of all indexed things in your Amazon Web Services account. * **aggregationField** (*string*) -- The aggregation field name. * **queryVersion** (*string*) -- The version of the query used to search. Return type: dict Returns: **Response Syntax** { 'statistics': { 'count': 123, 'average': 123.0, 'sum': 123.0, 'minimum': 123.0, 'maximum': 123.0, 'sumOfSquares': 123.0, 'variance': 123.0, 'stdDeviation': 123.0 } } **Response Structure** * *(dict) --* * **statistics** *(dict) --* The statistics returned by the Fleet Indexing service based on the query and aggregation field. * **count** *(integer) --* The count of things that match the query string criteria and contain a valid aggregation field value. * **average** *(float) --* The average of the aggregated field values. * **sum** *(float) --* The sum of the aggregated field values. * **minimum** *(float) --* The minimum aggregated field value. * **maximum** *(float) --* The maximum aggregated field value. * **sumOfSquares** *(float) --* The sum of the squares of the aggregated field values. * **variance** *(float) --* The variance of the aggregated field values. * **stdDeviation** *(float) --* The standard deviation of the aggregated field values. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidQueryException" * "IoT.Client.exceptions.InvalidAggregationException" * "IoT.Client.exceptions.IndexNotReadyException" IoT / Client / stop_thing_registration_task stop_thing_registration_task **************************** IoT.Client.stop_thing_registration_task(**kwargs) Cancels a bulk thing provisioning task. Requires permission to access the StopThingRegistrationTask action. See also: AWS API Documentation **Request Syntax** response = client.stop_thing_registration_task( taskId='string' ) Parameters: **taskId** (*string*) -- **[REQUIRED]** The bulk thing provisioning task ID. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / describe_thing_type describe_thing_type ******************* IoT.Client.describe_thing_type(**kwargs) Gets information about the specified thing type. Requires permission to access the DescribeThingType action. See also: AWS API Documentation **Request Syntax** response = client.describe_thing_type( thingTypeName='string' ) Parameters: **thingTypeName** (*string*) -- **[REQUIRED]** The name of the thing type. Return type: dict Returns: **Response Syntax** { 'thingTypeName': 'string', 'thingTypeId': 'string', 'thingTypeArn': 'string', 'thingTypeProperties': { 'thingTypeDescription': 'string', 'searchableAttributes': [ 'string', ], 'mqtt5Configuration': { 'propagatingAttributes': [ { 'userPropertyKey': 'string', 'thingAttribute': 'string', 'connectionAttribute': 'string' }, ] } }, 'thingTypeMetadata': { 'deprecated': True|False, 'deprecationDate': datetime(2015, 1, 1), 'creationDate': datetime(2015, 1, 1) } } **Response Structure** * *(dict) --* The output for the DescribeThingType operation. * **thingTypeName** *(string) --* The name of the thing type. * **thingTypeId** *(string) --* The thing type ID. * **thingTypeArn** *(string) --* The thing type ARN. * **thingTypeProperties** *(dict) --* The ThingTypeProperties contains information about the thing type including description, a list of searchable thing attribute names, and MQTT5 configuration. * **thingTypeDescription** *(string) --* The description of the thing type. * **searchableAttributes** *(list) --* A list of searchable thing attribute names. * *(string) --* * **mqtt5Configuration** *(dict) --* The configuration to add user-defined properties to enrich MQTT 5 messages. * **propagatingAttributes** *(list) --* An object that represents the propagating thing attributes and the connection attributes. * *(dict) --* An object that represents the connection attribute, thing attribute, and the user property key. * **userPropertyKey** *(string) --* The key of the user property key-value pair. * **thingAttribute** *(string) --* The user-defined thing attribute that is propagating for MQTT 5 message enrichment. * **connectionAttribute** *(string) --* The attribute associated with the connection between a device and Amazon Web Services IoT Core. * **thingTypeMetadata** *(dict) --* The ThingTypeMetadata contains additional information about the thing type including: creation date and time, a value indicating whether the thing type is deprecated, and a date and time when it was deprecated. * **deprecated** *(boolean) --* Whether the thing type is deprecated. If **true**, no new things could be associated with this type. * **deprecationDate** *(datetime) --* The date and time when the thing type was deprecated. * **creationDate** *(datetime) --* The date and time when the thing type was created. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_certificate describe_certificate ******************** IoT.Client.describe_certificate(**kwargs) Gets information about the specified certificate. Requires permission to access the DescribeCertificate action. See also: AWS API Documentation **Request Syntax** response = client.describe_certificate( certificateId='string' ) Parameters: **certificateId** (*string*) -- **[REQUIRED]** The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) Return type: dict Returns: **Response Syntax** { 'certificateDescription': { 'certificateArn': 'string', 'certificateId': 'string', 'caCertificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION', 'certificatePem': 'string', 'ownedBy': 'string', 'previousOwnedBy': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'customerVersion': 123, 'transferData': { 'transferMessage': 'string', 'rejectReason': 'string', 'transferDate': datetime(2015, 1, 1), 'acceptDate': datetime(2015, 1, 1), 'rejectDate': datetime(2015, 1, 1) }, 'generationId': 'string', 'validity': { 'notBefore': datetime(2015, 1, 1), 'notAfter': datetime(2015, 1, 1) }, 'certificateMode': 'DEFAULT'|'SNI_ONLY' } } **Response Structure** * *(dict) --* The output of the DescribeCertificate operation. * **certificateDescription** *(dict) --* The description of the certificate. * **certificateArn** *(string) --* The ARN of the certificate. * **certificateId** *(string) --* The ID of the certificate. * **caCertificateId** *(string) --* The certificate ID of the CA certificate used to sign this certificate. * **status** *(string) --* The status of the certificate. * **certificatePem** *(string) --* The certificate data, in PEM format. * **ownedBy** *(string) --* The ID of the Amazon Web Services account that owns the certificate. * **previousOwnedBy** *(string) --* The ID of the Amazon Web Services account of the previous owner of the certificate. * **creationDate** *(datetime) --* The date and time the certificate was created. * **lastModifiedDate** *(datetime) --* The date and time the certificate was last modified. * **customerVersion** *(integer) --* The customer version of the certificate. * **transferData** *(dict) --* The transfer data. * **transferMessage** *(string) --* The transfer message. * **rejectReason** *(string) --* The reason why the transfer was rejected. * **transferDate** *(datetime) --* The date the transfer took place. * **acceptDate** *(datetime) --* The date the transfer was accepted. * **rejectDate** *(datetime) --* The date the transfer was rejected. * **generationId** *(string) --* The generation ID of the certificate. * **validity** *(dict) --* When the certificate is valid. * **notBefore** *(datetime) --* The certificate is not valid before this date. * **notAfter** *(datetime) --* The certificate is not valid after this date. * **certificateMode** *(string) --* The mode of the certificate. "DEFAULT": A certificate in "DEFAULT" mode is either generated by Amazon Web Services IoT Core or registered with an issuer certificate authority (CA) in "DEFAULT" mode. Devices with certificates in "DEFAULT" mode aren't required to send the Server Name Indication (SNI) extension when connecting to Amazon Web Services IoT Core. However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to Amazon Web Services IoT Core. "SNI_ONLY": A certificate in "SNI_ONLY" mode is registered without an issuer CA. Devices with certificates in "SNI_ONLY" mode must send the SNI extension when connecting to Amazon Web Services IoT Core. For more information about the value for SNI extension, see Transport security in IoT. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / update_billing_group update_billing_group ******************** IoT.Client.update_billing_group(**kwargs) Updates information about the billing group. Requires permission to access the UpdateBillingGroup action. See also: AWS API Documentation **Request Syntax** response = client.update_billing_group( billingGroupName='string', billingGroupProperties={ 'billingGroupDescription': 'string' }, expectedVersion=123 ) Parameters: * **billingGroupName** (*string*) -- **[REQUIRED]** The name of the billing group. * **billingGroupProperties** (*dict*) -- **[REQUIRED]** The properties of the billing group. * **billingGroupDescription** *(string) --* The description of the billing group. * **expectedVersion** (*integer*) -- The expected version of the billing group. If the version of the billing group does not match the expected version specified in the request, the "UpdateBillingGroup" request is rejected with a "VersionConflictException". Return type: dict Returns: **Response Syntax** { 'version': 123 } **Response Structure** * *(dict) --* * **version** *(integer) --* The latest version of the billing group. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.VersionConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" IoT / Client / delete_provisioning_template delete_provisioning_template **************************** IoT.Client.delete_provisioning_template(**kwargs) Deletes a provisioning template. Requires permission to access the DeleteProvisioningTemplate action. See also: AWS API Documentation **Request Syntax** response = client.delete_provisioning_template( templateName='string' ) Parameters: **templateName** (*string*) -- **[REQUIRED]** The name of the fleet provision template to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.DeleteConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" * "IoT.Client.exceptions.UnauthorizedException" IoT / Client / create_fleet_metric create_fleet_metric ******************* IoT.Client.create_fleet_metric(**kwargs) Creates a fleet metric. Requires permission to access the CreateFleetMetric action. See also: AWS API Documentation **Request Syntax** response = client.create_fleet_metric( metricName='string', queryString='string', aggregationType={ 'name': 'Statistics'|'Percentiles'|'Cardinality', 'values': [ 'string', ] }, period=123, aggregationField='string', description='string', queryVersion='string', indexName='string', unit='Seconds'|'Microseconds'|'Milliseconds'|'Bytes'|'Kilobytes'|'Megabytes'|'Gigabytes'|'Terabytes'|'Bits'|'Kilobits'|'Megabits'|'Gigabits'|'Terabits'|'Percent'|'Count'|'Bytes/Second'|'Kilobytes/Second'|'Megabytes/Second'|'Gigabytes/Second'|'Terabytes/Second'|'Bits/Second'|'Kilobits/Second'|'Megabits/Second'|'Gigabits/Second'|'Terabits/Second'|'Count/Second'|'None', tags=[ { 'Key': 'string', 'Value': 'string' }, ] ) Parameters: * **metricName** (*string*) -- **[REQUIRED]** The name of the fleet metric to create. * **queryString** (*string*) -- **[REQUIRED]** The search query string. * **aggregationType** (*dict*) -- **[REQUIRED]** The type of the aggregation query. * **name** *(string) --* **[REQUIRED]** The name of the aggregation type. * **values** *(list) --* A list of the values of aggregation types. * *(string) --* * **period** (*integer*) -- **[REQUIRED]** The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60. * **aggregationField** (*string*) -- **[REQUIRED]** The field to aggregate. * **description** (*string*) -- The fleet metric description. * **queryVersion** (*string*) -- The query version. * **indexName** (*string*) -- The name of the index to search. * **unit** (*string*) -- Used to support unit transformation such as milliseconds to seconds. The unit must be supported by CW metric. Default to null. * **tags** (*list*) -- Metadata, which can be used to manage the fleet metric. * *(dict) --* A set of key/value pairs that are used to manage the resource. * **Key** *(string) --* **[REQUIRED]** The tag's key. * **Value** *(string) --* The tag's value. Return type: dict Returns: **Response Syntax** { 'metricName': 'string', 'metricArn': 'string' } **Response Structure** * *(dict) --* * **metricName** *(string) --* The name of the fleet metric to create. * **metricArn** *(string) --* The Amazon Resource Name (ARN) of the new fleet metric. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.LimitExceededException" * "IoT.Client.exceptions.ResourceAlreadyExistsException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidQueryException" * "IoT.Client.exceptions.InvalidAggregationException" * "IoT.Client.exceptions.IndexNotReadyException" IoT / Client / delete_dimension delete_dimension **************** IoT.Client.delete_dimension(**kwargs) Removes the specified dimension from your Amazon Web Services accounts. Requires permission to access the DeleteDimension action. See also: AWS API Documentation **Request Syntax** response = client.delete_dimension( name='string' ) Parameters: **name** (*string*) -- **[REQUIRED]** The unique identifier for the dimension that you want to delete. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / list_job_templates list_job_templates ****************** IoT.Client.list_job_templates(**kwargs) Returns a list of job templates. Requires permission to access the ListJobTemplates action. See also: AWS API Documentation **Request Syntax** response = client.list_job_templates( maxResults=123, nextToken='string' ) Parameters: * **maxResults** (*integer*) -- The maximum number of results to return in the list. * **nextToken** (*string*) -- The token to use to return the next set of results in the list. Return type: dict Returns: **Response Syntax** { 'jobTemplates': [ { 'jobTemplateArn': 'string', 'jobTemplateId': 'string', 'description': 'string', 'createdAt': datetime(2015, 1, 1) }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **jobTemplates** *(list) --* A list of objects that contain information about the job templates. * *(dict) --* An object that contains information about the job template. * **jobTemplateArn** *(string) --* The ARN of the job template. * **jobTemplateId** *(string) --* The unique identifier of the job template. * **description** *(string) --* A description of the job template. * **createdAt** *(datetime) --* The time, in seconds since the epoch, when the job template was created. * **nextToken** *(string) --* The token for the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / delete_domain_configuration delete_domain_configuration *************************** IoT.Client.delete_domain_configuration(**kwargs) Deletes the specified domain configuration. Requires permission to access the DeleteDomainConfiguration action. See also: AWS API Documentation **Request Syntax** response = client.delete_domain_configuration( domainConfigurationName='string' ) Parameters: **domainConfigurationName** (*string*) -- **[REQUIRED]** The name of the domain configuration to be deleted. Return type: dict Returns: **Response Syntax** {} **Response Structure** * *(dict) --* **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.InvalidRequestException" IoT / Client / transfer_certificate transfer_certificate ******************** IoT.Client.transfer_certificate(**kwargs) Transfers the specified certificate to the specified Amazon Web Services account. Requires permission to access the TransferCertificate action. You can cancel the transfer until it is acknowledged by the recipient. No notification is sent to the transfer destination's account. It's up to the caller to notify the transfer target. The certificate being transferred must not be in the "ACTIVE" state. You can use the UpdateCertificate action to deactivate it. The certificate must not have any policies attached to it. You can use the DetachPolicy action to detach them. **Customer managed key behavior:** When you use a customer managed key to secure your data and then transfer the key to a customer in a different account using the TransferCertificate operation, the certificates will no longer be protected by their customer managed key configuration. During the transfer process, certificates are encrypted using IoT owned keys. While a certificate is in the **PENDING_TRANSFER** state, it's always protected by IoT owned keys, regardless of the customer managed key configuration of either the source or destination account. Once the transfer is completed through AcceptCertificateTransfer, RejectCertificateTransfer, or CancelCertificateTransfer, the certificate will be protected by the customer managed key configuration of the account that owns the certificate after the transfer operation: * If the transfer is accepted: The certificate is protected by the destination account's customer managed key configuration. * If the transfer is rejected or cancelled: The certificate is protected by the source account's customer managed key configuration. See also: AWS API Documentation **Request Syntax** response = client.transfer_certificate( certificateId='string', targetAwsAccount='string', transferMessage='string' ) Parameters: * **certificateId** (*string*) -- **[REQUIRED]** The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.) * **targetAwsAccount** (*string*) -- **[REQUIRED]** The Amazon Web Services account. * **transferMessage** (*string*) -- The transfer message. Return type: dict Returns: **Response Syntax** { 'transferredCertificateArn': 'string' } **Response Structure** * *(dict) --* The output from the TransferCertificate operation. * **transferredCertificateArn** *(string) --* The ARN of the certificate. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.CertificateStateException" * "IoT.Client.exceptions.TransferConflictException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / describe_audit_suppression describe_audit_suppression ************************** IoT.Client.describe_audit_suppression(**kwargs) Gets information about a Device Defender audit suppression. See also: AWS API Documentation **Request Syntax** response = client.describe_audit_suppression( checkName='string', resourceIdentifier={ 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' } ) Parameters: * **checkName** (*string*) -- **[REQUIRED]** An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **resourceIdentifier** (*dict*) -- **[REQUIRED]** Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. Return type: dict Returns: **Response Syntax** { 'checkName': 'string', 'resourceIdentifier': { 'deviceCertificateId': 'string', 'caCertificateId': 'string', 'cognitoIdentityPoolId': 'string', 'clientId': 'string', 'policyVersionIdentifier': { 'policyName': 'string', 'policyVersionId': 'string' }, 'account': 'string', 'iamRoleArn': 'string', 'roleAliasArn': 'string', 'issuerCertificateIdentifier': { 'issuerCertificateSubject': 'string', 'issuerId': 'string', 'issuerCertificateSerialNumber': 'string' }, 'deviceCertificateArn': 'string' }, 'expirationDate': datetime(2015, 1, 1), 'suppressIndefinitely': True|False, 'description': 'string' } **Response Structure** * *(dict) --* * **checkName** *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) * **resourceIdentifier** *(dict) --* Information that identifies the noncompliant resource. * **deviceCertificateId** *(string) --* The ID of the certificate attached to the resource. * **caCertificateId** *(string) --* The ID of the CA certificate used to authorize the certificate. * **cognitoIdentityPoolId** *(string) --* The ID of the Amazon Cognito identity pool. * **clientId** *(string) --* The client ID. * **policyVersionIdentifier** *(dict) --* The version of the policy associated with the resource. * **policyName** *(string) --* The name of the policy. * **policyVersionId** *(string) --* The ID of the version of the policy associated with the resource. * **account** *(string) --* The account with which the resource is associated. * **iamRoleArn** *(string) --* The ARN of the IAM role that has overly permissive actions. * **roleAliasArn** *(string) --* The ARN of the role alias that has overly permissive actions. * **issuerCertificateIdentifier** *(dict) --* The issuer certificate identifier. * **issuerCertificateSubject** *(string) --* The subject of the issuer certificate. * **issuerId** *(string) --* The issuer ID. * **issuerCertificateSerialNumber** *(string) --* The issuer certificate serial number. * **deviceCertificateArn** *(string) --* The ARN of the identified device certificate. * **expirationDate** *(datetime) --* The epoch timestamp in seconds at which this suppression expires. * **suppressIndefinitely** *(boolean) --* Indicates whether a suppression should exist indefinitely or not. * **description** *(string) --* The description of the audit suppression. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / list_job_executions_for_thing list_job_executions_for_thing ***************************** IoT.Client.list_job_executions_for_thing(**kwargs) Lists the job executions for the specified thing. Requires permission to access the ListJobExecutionsForThing action. See also: AWS API Documentation **Request Syntax** response = client.list_job_executions_for_thing( thingName='string', status='QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', namespaceId='string', maxResults=123, nextToken='string', jobId='string' ) Parameters: * **thingName** (*string*) -- **[REQUIRED]** The thing name. * **status** (*string*) -- An optional filter that lets you search for jobs that have the specified status. * **namespaceId** (*string*) -- The namespace used to indicate that a job is a customer- managed job. When you specify a value for this parameter, Amazon Web Services IoT Core sends jobs notifications to MQTT topics that contain the value in the following format. "$aws/things/THING_NAME/jobs/JOB_ID/notify-namespace- NAMESPACE_ID/" Note: The "namespaceId" feature is only supported by IoT Greengrass at this time. For more information, see Setting up IoT Greengrass core devices. * **maxResults** (*integer*) -- The maximum number of results to be returned per request. * **nextToken** (*string*) -- The token to retrieve the next set of results. * **jobId** (*string*) -- The unique identifier you assigned to this job when it was created. Return type: dict Returns: **Response Syntax** { 'executionSummaries': [ { 'jobId': 'string', 'jobExecutionSummary': { 'status': 'QUEUED'|'IN_PROGRESS'|'SUCCEEDED'|'FAILED'|'TIMED_OUT'|'REJECTED'|'REMOVED'|'CANCELED', 'queuedAt': datetime(2015, 1, 1), 'startedAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'executionNumber': 123, 'retryAttempt': 123 } }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **executionSummaries** *(list) --* A list of job execution summaries. * *(dict) --* The job execution summary for a thing. * **jobId** *(string) --* The unique identifier you assigned to this job when it was created. * **jobExecutionSummary** *(dict) --* Contains a subset of information about a job execution. * **status** *(string) --* The status of the job execution. * **queuedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was queued. * **startedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution started. * **lastUpdatedAt** *(datetime) --* The time, in seconds since the epoch, when the job execution was last updated. * **executionNumber** *(integer) --* A string (consisting of the digits "0" through "9") which identifies this particular job execution on this particular device. It can be used later in commands which return or update job execution information. * **retryAttempt** *(integer) --* The number that indicates how many retry attempts have been completed for this job on this device. * **nextToken** *(string) --* The token for the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / list_scheduled_audits list_scheduled_audits ********************* IoT.Client.list_scheduled_audits(**kwargs) Lists all of your scheduled audits. Requires permission to access the ListScheduledAudits action. See also: AWS API Documentation **Request Syntax** response = client.list_scheduled_audits( nextToken='string', maxResults=123 ) Parameters: * **nextToken** (*string*) -- The token for the next set of results. * **maxResults** (*integer*) -- The maximum number of results to return at one time. The default is 25. Return type: dict Returns: **Response Syntax** { 'scheduledAudits': [ { 'scheduledAuditName': 'string', 'scheduledAuditArn': 'string', 'frequency': 'DAILY'|'WEEKLY'|'BIWEEKLY'|'MONTHLY', 'dayOfMonth': 'string', 'dayOfWeek': 'SUN'|'MON'|'TUE'|'WED'|'THU'|'FRI'|'SAT' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **scheduledAudits** *(list) --* The list of scheduled audits. * *(dict) --* Information about the scheduled audit. * **scheduledAuditName** *(string) --* The name of the scheduled audit. * **scheduledAuditArn** *(string) --* The ARN of the scheduled audit. * **frequency** *(string) --* How often the scheduled audit occurs. * **dayOfMonth** *(string) --* The day of the month on which the scheduled audit is run (if the "frequency" is "MONTHLY"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the "LAST" day of the month. * **dayOfWeek** *(string) --* The day of the week on which the scheduled audit is run (if the "frequency" is "WEEKLY" or "BIWEEKLY"). * **nextToken** *(string) --* A token that can be used to retrieve the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" IoT / Client / disable_topic_rule disable_topic_rule ****************** IoT.Client.disable_topic_rule(**kwargs) Disables the rule. Requires permission to access the DisableTopicRule action. See also: AWS API Documentation **Request Syntax** response = client.disable_topic_rule( ruleName='string' ) Parameters: **ruleName** (*string*) -- **[REQUIRED]** The name of the rule to disable. Returns: None **Exceptions** * "IoT.Client.exceptions.InternalException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ConflictingResourceUpdateException" IoT / Client / list_attached_policies list_attached_policies ********************** IoT.Client.list_attached_policies(**kwargs) Lists the policies attached to the specified thing group. Requires permission to access the ListAttachedPolicies action. See also: AWS API Documentation **Request Syntax** response = client.list_attached_policies( target='string', recursive=True|False, marker='string', pageSize=123 ) Parameters: * **target** (*string*) -- **[REQUIRED]** The group or principal for which the policies will be listed. Valid principals are CertificateArn (arn:aws:iot:*region*:*accountId*:cert/*certificateId*), thingGroupArn (arn:aws:iot:*region*:*accountId*:thinggroup/*groupName*) and CognitoId (*region*:*id*). * **recursive** (*boolean*) -- When true, recursively list attached policies. * **marker** (*string*) -- The token to retrieve the next set of results. * **pageSize** (*integer*) -- The maximum number of results to be returned per request. Return type: dict Returns: **Response Syntax** { 'policies': [ { 'policyName': 'string', 'policyArn': 'string' }, ], 'nextMarker': 'string' } **Response Structure** * *(dict) --* * **policies** *(list) --* The policies. * *(dict) --* Describes an IoT policy. * **policyName** *(string) --* The policy name. * **policyArn** *(string) --* The policy ARN. * **nextMarker** *(string) --* The token to retrieve the next set of results, or "null" if there are no more results. **Exceptions** * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.UnauthorizedException" * "IoT.Client.exceptions.ServiceUnavailableException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.LimitExceededException" IoT / Client / get_job_document get_job_document **************** IoT.Client.get_job_document(**kwargs) Gets a job document. Requires permission to access the GetJobDocument action. See also: AWS API Documentation **Request Syntax** response = client.get_job_document( jobId='string', beforeSubstitution=True|False ) Parameters: * **jobId** (*string*) -- **[REQUIRED]** The unique identifier you assigned to this job when it was created. * **beforeSubstitution** (*boolean*) -- Provides a view of the job document before and after the substitution parameters have been resolved with their exact values. Return type: dict Returns: **Response Syntax** { 'document': 'string' } **Response Structure** * *(dict) --* * **document** *(string) --* The job document content. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.ServiceUnavailableException" IoT / Client / start_on_demand_audit_task start_on_demand_audit_task ************************** IoT.Client.start_on_demand_audit_task(**kwargs) Starts an on-demand Device Defender audit. Requires permission to access the StartOnDemandAuditTask action. See also: AWS API Documentation **Request Syntax** response = client.start_on_demand_audit_task( targetCheckNames=[ 'string', ] ) Parameters: **targetCheckNames** (*list*) -- **[REQUIRED]** Which checks are performed during the audit. The checks you specify must be enabled for your account or an exception occurs. Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or "UpdateAccountAuditConfiguration" to select which checks are enabled. * *(string) --* An audit check name. Checks must be enabled for your account. (Use "DescribeAccountAuditConfiguration" to see the list of all checks, including those that are enabled or use "UpdateAccountAuditConfiguration" to select which checks are enabled.) Return type: dict Returns: **Response Syntax** { 'taskId': 'string' } **Response Structure** * *(dict) --* * **taskId** *(string) --* The ID of the on-demand audit you started. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.LimitExceededException" IoT / Client / list_commands list_commands ************* IoT.Client.list_commands(**kwargs) List all commands in your account. See also: AWS API Documentation **Request Syntax** response = client.list_commands( maxResults=123, nextToken='string', namespace='AWS-IoT'|'AWS-IoT-FleetWise', commandParameterName='string', sortOrder='ASCENDING'|'DESCENDING' ) Parameters: * **maxResults** (*integer*) -- The maximum number of results to return in this operation. By default, the API returns up to a maximum of 25 results. You can override this default value to return up to a maximum of 100 results for this operation. * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise "null" to receive the first set of results. * **namespace** (*string*) -- The namespace of the command. By default, the API returns all commands that have been created for both "AWS-IoT" and "AWS-IoT-FleetWise" namespaces. You can override this default value if you want to return all commands that have been created only for a specific namespace. * **commandParameterName** (*string*) -- A filter that can be used to display the list of commands that have a specific command parameter name. * **sortOrder** (*string*) -- Specify whether to list the commands that you have created in the ascending or descending order. By default, the API returns all commands in the descending order based on the time that they were created. Return type: dict Returns: **Response Syntax** { 'commands': [ { 'commandArn': 'string', 'commandId': 'string', 'displayName': 'string', 'deprecated': True|False, 'createdAt': datetime(2015, 1, 1), 'lastUpdatedAt': datetime(2015, 1, 1), 'pendingDeletion': True|False }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **commands** *(list) --* The list of commands. * *(dict) --* Summary information about a particular command resource. * **commandArn** *(string) --* The Amazon Resource Name (ARN) of the command. * **commandId** *(string) --* The unique identifier of the command. * **displayName** *(string) --* The display name of the command. * **deprecated** *(boolean) --* Indicates whether the command has been deprecated. * **createdAt** *(datetime) --* The timestamp, when the command was created. * **lastUpdatedAt** *(datetime) --* The timestamp, when the command was last updated. * **pendingDeletion** *(boolean) --* Indicates whether the command is pending deletion. * **nextToken** *(string) --* The token to use to get the next set of results, or "null" if there are no additional results. **Exceptions** * "IoT.Client.exceptions.ValidationException" * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" IoT / Client / list_billing_groups list_billing_groups ******************* IoT.Client.list_billing_groups(**kwargs) Lists the billing groups you have created. Requires permission to access the ListBillingGroups action. See also: AWS API Documentation **Request Syntax** response = client.list_billing_groups( nextToken='string', maxResults=123, namePrefixFilter='string' ) Parameters: * **nextToken** (*string*) -- To retrieve the next set of results, the "nextToken" value from a previous response; otherwise **null** to receive the first set of results. * **maxResults** (*integer*) -- The maximum number of results to return per request. * **namePrefixFilter** (*string*) -- Limit the results to billing groups whose names have the given prefix. Return type: dict Returns: **Response Syntax** { 'billingGroups': [ { 'groupName': 'string', 'groupArn': 'string' }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **billingGroups** *(list) --* The list of billing groups. * *(dict) --* The name and ARN of a group. * **groupName** *(string) --* The group name. * **groupArn** *(string) --* The group ARN. * **nextToken** *(string) --* The token to use to get the next set of results, or **null** if there are no additional results. **Exceptions** * "IoT.Client.exceptions.InvalidRequestException" * "IoT.Client.exceptions.InternalFailureException" * "IoT.Client.exceptions.ResourceNotFoundException" * "IoT.Client.exceptions.ThrottlingException" IoT / Client / list_packages list_packages ************* IoT.Client.list_packages(**kwargs) Lists the software packages associated to the account. Requires permission to access the ListPackages action. See also: AWS API Documentation **Request Syntax** response = client.list_packages( maxResults=123, nextToken='string' ) Parameters: * **maxResults** (*integer*) -- The maximum number of results returned at one time. * **nextToken** (*string*) -- The token for the next set of results. Return type: dict Returns: **Response Syntax** { 'packageSummaries': [ { 'packageName': 'string', 'defaultVersionName': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1) }, ], 'nextToken': 'string' } **Response Structure** * *(dict) --* * **packageSummaries** *(list) --* The software package summary. * *(dict) --* A summary of information about a software package. * **packageName** *(string) --* The name for the target software package. * **defaultVersionName** *(string) --* The name of the default package version. * **creationDate** *(datetime) --* The date that the package was created. * **lastModifiedDate** *(datetime) --* The date that the package was last updated. * **nextToken** *(string) --* The token for the next set of results. **Exceptions** * "IoT.Client.exceptions.ThrottlingException" * "IoT.Client.exceptions.InternalServerException" * "IoT.Client.exceptions.ValidationException"