feat(client-controltower): Added new EnabledControl resource details …

…to ListEnabledControls API and added new GetEnabledControl API.
aws · Oct 12, 2023 · 784c6fb · 784c6fb
1 parent 87763f3
commit 784c6fb
Show file tree

Hide file tree

Showing 13 changed files with 1,061 additions and 103 deletions.
diff --git a/clients/client-controltower/README.md b/clients/client-controltower/README.md
@@ -6,22 +6,31 @@
 
 AWS SDK for JavaScript ControlTower Client for Node.js, Browser and React Native.
 
-<p>These interfaces allow you to apply the AWS library of pre-defined <i>controls</i> to your
-organizational units, programmatically. In this context, controls are the same as AWS Control Tower guardrails.</p>
+<p>These interfaces allow you to apply the AWS library of pre-defined
+<i>controls</i> to your organizational units, programmatically. In AWS Control Tower, the terms "control" and "guardrail" are synonyms.   .</p>
 <p>To call these APIs, you'll need to know:</p>
 <ul>
 <li>
-<p>the <code>ControlARN</code> for the control--that is, the
-guardrail--you are targeting,</p>
+<p>the <code>controlIdentifier</code> for the control--or guardrail--you are targeting.</p>
 </li>
 <li>
-<p>and the ARN associated with the target organizational unit (OU).</p>
+<p>the ARN associated with the target organizational unit (OU), which we call the <code>targetIdentifier</code>.</p>
 </li>
 </ul>
 <p>
-<b>To get the <code>ControlARN</code> for your AWS Control Tower guardrail:</b>
+<b>To get the <code>controlIdentifier</code> for your AWS Control Tower
+control:</b>
 </p>
-<p>The <code>ControlARN</code> contains the control name which is specified in each guardrail. For a list of control names for <i>Strongly recommended</i> and <i>Elective</i> guardrails, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/automating-tasks.html">Automating tasks section</a> of the AWS Control Tower User Guide. Remember that <i>Mandatory</i> guardrails cannot be added or removed.</p>
+<p>The <code>controlIdentifier</code> is an ARN that is specified for each
+control. You can view the <code>controlIdentifier</code> in the console on the <b>Control details</b> page, as well as in the documentation.</p>
+<p>The <code>controlIdentifier</code> is unique in each AWS Region for each control. You can
+find the <code>controlIdentifier</code> for each Region and control in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Tables of control metadata</a> in the <i>AWS Control Tower User Guide.</i>
+</p>
+<p>A quick-reference list of control identifers for the AWS Control Tower legacy <i>Strongly recommended</i> and
+<i>Elective</i> controls is given in <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for
+APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">Controls reference guide section</a>
+of the <i>AWS Control Tower User Guide</i>. Remember that <i>Mandatory</i> controls
+cannot be added or removed.</p>
 <note>
 <p>
 <b>ARN format:</b>
@@ -35,8 +44,9 @@ guardrail--you are targeting,</p>
 </p>
 </note>
 <p>
-<b>To get the ARN for an OU:</b>
+<b>To get the <code>targetIdentifier</code>:</b>
 </p>
+<p>The <code>targetIdentifier</code> is the ARN for an OU.</p>
 <p>In the AWS Organizations console, you can find the ARN for the OU on the <b>Organizational unit details</b> page associated with that OU.</p>
 <note>
 <p>
@@ -52,17 +62,32 @@ guardrail--you are targeting,</p>
 <ul>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of resource identifiers for APIs and guardrails</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-api-examples-short.html">Control API input and output examples with CLI</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with CloudFormation</a>
 </p>
 </li>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/guardrail-api-examples-short.html">Guardrail API examples (CLI)</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Control metadata tables</a>
 </p>
 </li>
 <li>
 <p>
-<a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with AWS CloudFormation</a>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of identifiers for legacy controls</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls.html">Controls reference guide</a>
+</p>
+</li>
+<li>
+<p>
+<a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls-reference.html">Controls library groupings</a>
 </p>
 </li>
 <li>
@@ -76,7 +101,14 @@ guardrail--you are targeting,</p>
 <p>
 <b>Recording API Requests</b>
 </p>
-<p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the AWS Control Tower service received, who made the request and when, and so on. For more about AWS Control Tower and its support for CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User Guide.</p>
+<p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your
+AWS account and delivers log files to an Amazon S3 bucket. By using information collected by
+CloudTrail, you can determine which requests the AWS Control Tower service received, who made
+the request and when, and so on. For more about AWS Control Tower and its support for
+CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower
+Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about
+CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User
+Guide.</p>
 
 ## Installing
 
@@ -296,6 +328,14 @@ GetControlOperation
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/classes/getcontroloperationcommand.html) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getcontroloperationcommandinput.html) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getcontroloperationcommandoutput.html)
 
+</details>
+<details>
+<summary>
+GetEnabledControl
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/classes/getenabledcontrolcommand.html) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getenabledcontrolcommandinput.html) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-controltower/interfaces/getenabledcontrolcommandoutput.html)
+
 </details>
 <details>
 <summary>

diff --git a/clients/client-controltower/src/ControlTower.ts b/clients/client-controltower/src/ControlTower.ts
@@ -17,6 +17,11 @@ import {
   GetControlOperationCommandInput,
   GetControlOperationCommandOutput,
 } from "./commands/GetControlOperationCommand";
+import {
+  GetEnabledControlCommand,
+  GetEnabledControlCommandInput,
+  GetEnabledControlCommandOutput,
+} from "./commands/GetEnabledControlCommand";
 import {
   ListEnabledControlsCommand,
   ListEnabledControlsCommandInput,
@@ -28,6 +33,7 @@ const commands = {
   DisableControlCommand,
   EnableControlCommand,
   GetControlOperationCommand,
+  GetEnabledControlCommand,
   ListEnabledControlsCommand,
 };
 
@@ -74,6 +80,23 @@ export interface ControlTower {
     cb: (err: any, data?: GetControlOperationCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link GetEnabledControlCommand}
+   */
+  getEnabledControl(
+    args: GetEnabledControlCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<GetEnabledControlCommandOutput>;
+  getEnabledControl(
+    args: GetEnabledControlCommandInput,
+    cb: (err: any, data?: GetEnabledControlCommandOutput) => void
+  ): void;
+  getEnabledControl(
+    args: GetEnabledControlCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: GetEnabledControlCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link ListEnabledControlsCommand}
    */
@@ -94,22 +117,31 @@ export interface ControlTower {
 
 /**
  * @public
- * <p>These interfaces allow you to apply the AWS library of pre-defined <i>controls</i> to your
- * organizational units, programmatically. In this context, controls are the same as AWS Control Tower guardrails.</p>
+ * <p>These interfaces allow you to apply the AWS library of pre-defined
+ *       <i>controls</i> to your organizational units, programmatically. In AWS Control Tower, the terms "control" and "guardrail" are synonyms.   .</p>
  *          <p>To call these APIs, you'll need to know:</p>
  *          <ul>
  *             <li>
- *                <p>the <code>ControlARN</code> for the control--that is, the
- *         guardrail--you are targeting,</p>
+ *                <p>the <code>controlIdentifier</code> for the control--or guardrail--you are targeting.</p>
  *             </li>
  *             <li>
- *                <p>and the ARN associated with the target organizational unit (OU).</p>
+ *                <p>the ARN associated with the target organizational unit (OU), which we call the <code>targetIdentifier</code>.</p>
  *             </li>
  *          </ul>
  *          <p>
- *             <b>To get the <code>ControlARN</code> for your AWS Control Tower guardrail:</b>
+ *             <b>To get the <code>controlIdentifier</code> for your AWS Control Tower
+ *         control:</b>
+ *          </p>
+ *          <p>The <code>controlIdentifier</code> is an ARN that is specified for each
+ *       control. You can view the <code>controlIdentifier</code> in the console on the <b>Control details</b> page, as well as in the documentation.</p>
+ *          <p>The <code>controlIdentifier</code> is unique in each AWS Region for each control. You can
+ *       find the <code>controlIdentifier</code> for each Region and control in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Tables of control metadata</a> in the <i>AWS Control Tower User Guide.</i>
  *          </p>
- *          <p>The <code>ControlARN</code> contains the control name which is specified in each guardrail. For a list of control names for <i>Strongly recommended</i> and <i>Elective</i> guardrails, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/automating-tasks.html">Automating tasks section</a> of the AWS Control Tower User Guide. Remember that <i>Mandatory</i> guardrails cannot be added or removed.</p>
+ *          <p>A quick-reference list of control identifers for the AWS Control Tower legacy <i>Strongly recommended</i> and
+ *         <i>Elective</i> controls is given in <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html">Resource identifiers for
+ *         APIs and guardrails</a> in the <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">Controls reference guide section</a>
+ *       of the <i>AWS Control Tower User Guide</i>. Remember that <i>Mandatory</i> controls
+ *       cannot be added or removed.</p>
  *          <note>
  *             <p>
  *                <b>ARN format:</b>
@@ -123,8 +155,9 @@ export interface ControlTower {
  *             </p>
  *          </note>
  *          <p>
- *             <b>To get the ARN for an OU:</b>
+ *             <b>To get the <code>targetIdentifier</code>:</b>
  *          </p>
+ *          <p>The <code>targetIdentifier</code> is the ARN for an OU.</p>
  *          <p>In the AWS Organizations console, you can find the ARN for the OU on the <b>Organizational unit details</b> page associated with that OU.</p>
  *          <note>
  *             <p>
@@ -140,17 +173,32 @@ export interface ControlTower {
  *          <ul>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of resource identifiers for APIs and guardrails</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-api-examples-short.html">Control API input and output examples with CLI</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with CloudFormation</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-metadata-tables.html">Control metadata tables</a>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html">List of identifiers for legacy controls</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/guardrail-api-examples-short.html">Guardrail API examples (CLI)</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls.html">Controls reference guide</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/enable-controls.html">Enable controls with AWS CloudFormation</a>
+ *                   <a href="https://docs.aws.amazon.com/controltower/latest/userguide/controls-reference.html">Controls library groupings</a>
  *                </p>
  *             </li>
  *             <li>
@@ -164,7 +212,14 @@ export interface ControlTower {
  *          <p>
  *             <b>Recording API Requests</b>
  *          </p>
- *          <p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the AWS Control Tower service received, who made the request and when, and so on. For more about AWS Control Tower and its support for CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User Guide.</p>
+ *          <p>AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your
+ *       AWS account and delivers log files to an Amazon S3 bucket. By using information collected by
+ *       CloudTrail, you can determine which requests the AWS Control Tower service received, who made
+ *       the request and when, and so on. For more about AWS Control Tower and its support for
+ *       CloudTrail, see <a href="https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html">Logging AWS Control Tower
+ *         Actions with AWS CloudTrail</a> in the AWS Control Tower User Guide. To learn more about
+ *       CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User
+ *       Guide.</p>
  */
 export class ControlTower extends ControlTowerClient implements ControlTower {}
 createAggregatedClient(commands, ControlTower);