/
doc.go
57 lines (56 loc) · 4.4 KB
/
doc.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
// Code generated by smithy-go-codegen DO NOT EDIT.
// Package controltower provides the API client, operations, and parameter types
// for AWS Control Tower.
//
// These interfaces allow you to apply the Amazon Web Services library of
// pre-defined controls to your organizational units, programmatically. In Amazon
// Web Services Control Tower, the terms "control" and "guardrail" are synonyms. To
// call these APIs, you'll need to know:
// - the controlIdentifier for the control--or guardrail--you are targeting.
// - the ARN associated with the target organizational unit (OU), which we call
// the targetIdentifier .
// - the ARN associated with a resource that you wish to tag or untag.
//
// To get the controlIdentifier for your Amazon Web Services Control Tower
// control: The controlIdentifier is an ARN that is specified for each control.
// You can view the controlIdentifier in the console on the Control details page,
// as well as in the documentation. The controlIdentifier is unique in each Amazon
// Web Services Region for each control. You can find the controlIdentifier for
// each Region and control in the Tables of control metadata (https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html)
// in the Amazon Web Services Control Tower User Guide. A quick-reference list of
// control identifers for the Amazon Web Services Control Tower legacy Strongly
// recommended and Elective controls is given in Resource identifiers for APIs and
// controls (https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html)
// in the Controls reference guide section (https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html)
// of the Amazon Web Services Control Tower User Guide. Remember that Mandatory
// controls cannot be added or removed. ARN format:
// arn:aws:controltower:{REGION}::control/{CONTROL_NAME} Example:
// arn:aws:controltower:us-west-2::control/AWS-GR_AUTOSCALING_LAUNCH_CONFIG_PUBLIC_IP_DISABLED
// To get the targetIdentifier : The targetIdentifier is the ARN for an OU. In the
// Amazon Web Services Organizations console, you can find the ARN for the OU on
// the Organizational unit details page associated with that OU. OU ARN format:
// arn:${Partition}:organizations::${MasterAccountId}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}
// Details and examples
// - Control API input and output examples with CLI (https://docs.aws.amazon.com/controltower/latest/userguide/control-api-examples-short.html)
// - Enable controls with CloudFormation (https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html)
// - Control metadata tables (https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html)
// - List of identifiers for legacy controls (https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html)
// - Controls reference guide (https://docs.aws.amazon.com/controltower/latest/userguide/controls.html)
// - Controls library groupings (https://docs.aws.amazon.com/controltower/latest/userguide/controls-reference.html)
// - Creating Amazon Web Services Control Tower resources with Amazon Web
// Services CloudFormation (https://docs.aws.amazon.com/controltower/latest/userguide/creating-resources-with-cloudformation.html)
//
// To view the open source resource repository on GitHub, see
// aws-cloudformation/aws-cloudformation-resource-providers-controltower (https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-controltower)
// Recording API Requests Amazon Web Services Control Tower supports Amazon Web
// Services CloudTrail, a service that records Amazon Web Services API calls for
// your Amazon Web Services account and delivers log files to an Amazon S3 bucket.
// By using information collected by CloudTrail, you can determine which requests
// the Amazon Web Services Control Tower service received, who made the request and
// when, and so on. For more about Amazon Web Services Control Tower and its
// support for CloudTrail, see Logging Amazon Web Services Control Tower Actions
// with Amazon Web Services CloudTrail (https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html)
// in the Amazon Web Services Control Tower User Guide. To learn more about
// CloudTrail, including how to turn it on and find your log files, see the Amazon
// Web Services CloudTrail User Guide.
package controltower