Controltower
This page documents function available when using the Controltower module, created with @service Controltower.
Index
Main.Controltower.create_landing_zoneMain.Controltower.delete_landing_zoneMain.Controltower.disable_baselineMain.Controltower.disable_controlMain.Controltower.enable_baselineMain.Controltower.enable_controlMain.Controltower.get_baselineMain.Controltower.get_baseline_operationMain.Controltower.get_control_operationMain.Controltower.get_enabled_baselineMain.Controltower.get_enabled_controlMain.Controltower.get_landing_zoneMain.Controltower.get_landing_zone_operationMain.Controltower.list_baselinesMain.Controltower.list_control_operationsMain.Controltower.list_enabled_baselinesMain.Controltower.list_enabled_controlsMain.Controltower.list_landing_zonesMain.Controltower.list_tags_for_resourceMain.Controltower.reset_enabled_baselineMain.Controltower.reset_landing_zoneMain.Controltower.tag_resourceMain.Controltower.untag_resourceMain.Controltower.update_enabled_baselineMain.Controltower.update_enabled_controlMain.Controltower.update_landing_zone
Documentation
Main.Controltower.create_landing_zone — Methodcreate_landing_zone(manifest, version)
create_landing_zone(manifest, version, params::Dict{String,<:Any})Creates a new landing zone. This API call starts an asynchronous operation that creates and configures a landing zone, based on the parameters specified in the manifest JSON file.
Arguments
manifest: The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review Launch your landing zone.version: The landing zone version, for example, 3.0.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"tags": Tags to be applied to the landing zone.
Main.Controltower.delete_landing_zone — Methoddelete_landing_zone(landing_zone_identifier)
delete_landing_zone(landing_zone_identifier, params::Dict{String,<:Any})Decommissions a landing zone. This API call starts an asynchronous operation that deletes Amazon Web Services Control Tower resources deployed in accounts managed by Amazon Web Services Control Tower.
Arguments
landing_zone_identifier: The unique identifier of the landing zone.
Main.Controltower.disable_baseline — Methoddisable_baseline(enabled_baseline_identifier)
disable_baseline(enabled_baseline_identifier, params::Dict{String,<:Any})Disable an EnabledBaseline resource on the specified Target. This API starts an asynchronous operation to remove all resources deployed as part of the baseline enablement. The resource will vary depending on the enabled baseline. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
enabled_baseline_identifier: Identifier of the EnabledBaseline resource to be deactivated, in ARN format.
Main.Controltower.disable_control — Methoddisable_control(control_identifier, target_identifier)
disable_control(control_identifier, target_identifier, params::Dict{String,<:Any})This API call turns off a control. It starts an asynchronous operation that deletes AWS resources on the specified organizational unit and the accounts it contains. The resources will vary according to the control that you specify. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
control_identifier: The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny control. For information on how to find the controlIdentifier, see the overview page.target_identifier: The ARN of the organizational unit. For information on how to find the targetIdentifier, see the overview page.
Main.Controltower.enable_baseline — Methodenable_baseline(baseline_identifier, baseline_version, target_identifier)
enable_baseline(baseline_identifier, baseline_version, target_identifier, params::Dict{String,<:Any})Enable (apply) a Baseline to a Target. This API starts an asynchronous operation to deploy resources specified by the Baseline to the specified Target. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
baseline_identifier: The ARN of the baseline to be enabled.baseline_version: The specific version to be enabled of the specified baseline.target_identifier: The ARN of the target on which the baseline will be enabled. Only OUs are supported as targets.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"parameters": A list of key-value objects that specify enablement parameters, where key is a string and value is a document of any type."tags": Tags associated with input to EnableBaseline.
Main.Controltower.enable_control — Methodenable_control(control_identifier, target_identifier)
enable_control(control_identifier, target_identifier, params::Dict{String,<:Any})This API call activates a control. It starts an asynchronous operation that creates Amazon Web Services resources on the specified organizational unit and the accounts it contains. The resources created will vary according to the control that you specify. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
control_identifier: The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny control. For information on how to find the controlIdentifier, see the overview page.target_identifier: The ARN of the organizational unit. For information on how to find the targetIdentifier, see the overview page.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"parameters": A list of input parameter values, which are specified to configure the control when you enable it."tags": Tags to be applied to the EnabledControl resource.
Main.Controltower.get_baseline — Methodget_baseline(baseline_identifier)
get_baseline(baseline_identifier, params::Dict{String,<:Any})Retrieve details about an existing Baseline resource by specifying its identifier. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
baseline_identifier: The ARN of the Baseline resource to be retrieved.
Main.Controltower.get_baseline_operation — Methodget_baseline_operation(operation_identifier)
get_baseline_operation(operation_identifier, params::Dict{String,<:Any})Returns the details of an asynchronous baseline operation, as initiated by any of these APIs: EnableBaseline, DisableBaseline, UpdateEnabledBaseline, ResetEnabledBaseline. A status message is displayed in case of operation failure. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
operation_identifier: The operation ID returned from mutating asynchronous APIs (Enable, Disable, Update, Reset).
Main.Controltower.get_control_operation — Methodget_control_operation(operation_identifier)
get_control_operation(operation_identifier, params::Dict{String,<:Any})Returns the status of a particular EnableControl or DisableControl operation. Displays a message in case of error. Details for an operation are available for 90 days. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
operation_identifier: The ID of the asynchronous operation, which is used to track status. The operation is available for 90 days.
Main.Controltower.get_enabled_baseline — Methodget_enabled_baseline(enabled_baseline_identifier)
get_enabled_baseline(enabled_baseline_identifier, params::Dict{String,<:Any})Retrieve details of an EnabledBaseline resource by specifying its identifier.
Arguments
enabled_baseline_identifier: Identifier of the EnabledBaseline resource to be retrieved, in ARN format.
Main.Controltower.get_enabled_control — Methodget_enabled_control(enabled_control_identifier)
get_enabled_control(enabled_control_identifier, params::Dict{String,<:Any})Retrieves details about an enabled control. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
enabled_control_identifier: The controlIdentifier of the enabled control.
Main.Controltower.get_landing_zone — Methodget_landing_zone(landing_zone_identifier)
get_landing_zone(landing_zone_identifier, params::Dict{String,<:Any})Returns details about the landing zone. Displays a message in case of error.
Arguments
landing_zone_identifier: The unique identifier of the landing zone.
Main.Controltower.get_landing_zone_operation — Methodget_landing_zone_operation(operation_identifier)
get_landing_zone_operation(operation_identifier, params::Dict{String,<:Any})Returns the status of the specified landing zone operation. Details for an operation are available for 90 days.
Arguments
operation_identifier: A unique identifier assigned to a landing zone operation.
Main.Controltower.list_baselines — Methodlist_baselines()
list_baselines(params::Dict{String,<:Any})Returns a summary list of all available baselines. For usage examples, see the Amazon Web Services Control Tower User Guide .
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"maxResults": The maximum number of results to be shown."nextToken": A pagination token.
Main.Controltower.list_control_operations — Methodlist_control_operations()
list_control_operations(params::Dict{String,<:Any})Provides a list of operations in progress or queued.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"filter": An input filter for the ListControlOperations API that lets you select the types of control operations to view."maxResults": The maximum number of results to be shown."nextToken": A pagination token.
Main.Controltower.list_enabled_baselines — Methodlist_enabled_baselines()
list_enabled_baselines(params::Dict{String,<:Any})Returns a list of summaries describing EnabledBaseline resources. You can filter the list by the corresponding Baseline or Target of the EnabledBaseline resources. For usage examples, see the Amazon Web Services Control Tower User Guide .
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"filter": A filter applied on the ListEnabledBaseline operation. Allowed filters are baselineIdentifiers and targetIdentifiers. The filter can be applied for either, or both."maxResults": The maximum number of results to be shown."nextToken": A pagination token.
Main.Controltower.list_enabled_controls — Methodlist_enabled_controls()
list_enabled_controls(params::Dict{String,<:Any})Lists the controls enabled by Amazon Web Services Control Tower on the specified organizational unit and the accounts it contains. For usage examples, see the Amazon Web Services Control Tower User Guide .
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"filter": An input filter for the ListCEnabledControls API that lets you select the types of control operations to view."maxResults": How many results to return per API call."nextToken": The token to continue the list from a previous API call with the same parameters."targetIdentifier": The ARN of the organizational unit. For information on how to find the targetIdentifier, see the overview page.
Main.Controltower.list_landing_zones — Methodlist_landing_zones()
list_landing_zones(params::Dict{String,<:Any})Returns the landing zone ARN for the landing zone deployed in your managed account. This API also creates an ARN for existing accounts that do not yet have a landing zone ARN. Returns one landing zone ARN.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"maxResults": The maximum number of returned landing zone ARNs, which is one."nextToken": The token to continue the list from a previous API call with the same parameters.
Main.Controltower.list_tags_for_resource — Methodlist_tags_for_resource(resource_arn)
list_tags_for_resource(resource_arn, params::Dict{String,<:Any})Returns a list of tags associated with the resource. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
resource_arn: The ARN of the resource.
Main.Controltower.reset_enabled_baseline — Methodreset_enabled_baseline(enabled_baseline_identifier)
reset_enabled_baseline(enabled_baseline_identifier, params::Dict{String,<:Any})Re-enables an EnabledBaseline resource. For example, this API can re-apply the existing Baseline after a new member account is moved to the target OU. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
enabled_baseline_identifier: Specifies the ID of the EnabledBaseline resource to be re-enabled, in ARN format.
Main.Controltower.reset_landing_zone — Methodreset_landing_zone(landing_zone_identifier)
reset_landing_zone(landing_zone_identifier, params::Dict{String,<:Any})This API call resets a landing zone. It starts an asynchronous operation that resets the landing zone to the parameters specified in its original configuration.
Arguments
landing_zone_identifier: The unique identifier of the landing zone.
Main.Controltower.tag_resource — Methodtag_resource(resource_arn, tags)
tag_resource(resource_arn, tags, params::Dict{String,<:Any})Applies tags to a resource. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
resource_arn: The ARN of the resource to be tagged.tags: Tags to be applied to the resource.
Main.Controltower.untag_resource — Methoduntag_resource(resource_arn, tag_keys)
untag_resource(resource_arn, tag_keys, params::Dict{String,<:Any})Removes tags from a resource. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
resource_arn: The ARN of the resource.tag_keys: Tag keys to be removed from the resource.
Main.Controltower.update_enabled_baseline — Methodupdate_enabled_baseline(baseline_version, enabled_baseline_identifier)
update_enabled_baseline(baseline_version, enabled_baseline_identifier, params::Dict{String,<:Any})Updates an EnabledBaseline resource's applied parameters or version. For usage examples, see the Amazon Web Services Control Tower User Guide .
Arguments
baseline_version: Specifies the new Baseline version, to which the EnabledBaseline should be updated.enabled_baseline_identifier: Specifies the EnabledBaseline resource to be updated.
Optional Parameters
Optional parameters can be passed as a params::Dict{String,<:Any}. Valid keys are:
"parameters": Parameters to apply when making an update.
Main.Controltower.update_enabled_control — Methodupdate_enabled_control(enabled_control_identifier, parameters)
update_enabled_control(enabled_control_identifier, parameters, params::Dict{String,<:Any})Updates the configuration of an already enabled control. If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request. If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower will update the control to match any valid parameters that you supply. If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see the Amazon Web Services Control Tower User Guide
Arguments
enabled_control_identifier: The ARN of the enabled control that will be updated.parameters: A key/value pair, where Key is of type String and Value is of type Document.
Main.Controltower.update_landing_zone — Methodupdate_landing_zone(landing_zone_identifier, manifest, version)
update_landing_zone(landing_zone_identifier, manifest, version, params::Dict{String,<:Any})This API call updates the landing zone. It starts an asynchronous operation that updates the landing zone based on the new landing zone version, or on the changed parameters specified in the updated manifest file.
Arguments
landing_zone_identifier: The unique identifier of the landing zone.manifest: The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review Launch your landing zone.version: The landing zone version, for example, 3.2.