aws_sdk_controlcatalog/client/
get_control.rs

1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2impl super::Client {
3    /// Constructs a fluent builder for the [`GetControl`](crate::operation::get_control::builders::GetControlFluentBuilder) operation.
4    ///
5    /// - The fluent builder is configurable:
6    ///   - [`control_arn(impl Into<String>)`](crate::operation::get_control::builders::GetControlFluentBuilder::control_arn) / [`set_control_arn(Option<String>)`](crate::operation::get_control::builders::GetControlFluentBuilder::set_control_arn):<br>required: **true**<br><p>The Amazon Resource Name (ARN) of the control. It has one of the following formats:</p> <p><i>Global format</i></p> <p><code>arn:{PARTITION}:controlcatalog:::control/{CONTROL_CATALOG_OPAQUE_ID}</code></p> <p><i>Or Regional format</i></p> <p><code>arn:{PARTITION}:controltower:{REGION}::control/{CONTROL_TOWER_OPAQUE_ID}</code></p> <p>Here is a more general pattern that covers Amazon Web Services Control Tower and Control Catalog ARNs:</p> <p><code>^arn:(aws(?:\[-a-z\]*)?):(controlcatalog|controltower):\[a-zA-Z0-9-\]*::control/\[0-9a-zA-Z_\\-\]+$</code></p><br>
7    /// - On success, responds with [`GetControlOutput`](crate::operation::get_control::GetControlOutput) with field(s):
8    ///   - [`arn(String)`](crate::operation::get_control::GetControlOutput::arn): <p>The Amazon Resource Name (ARN) of the control.</p>
9    ///   - [`aliases(Option<Vec::<String>>)`](crate::operation::get_control::GetControlOutput::aliases): <p>A list of alternative identifiers for the control. These are human-readable designators, such as <code>SH.S3.1</code>. Several aliases can refer to the same control across different Amazon Web Services services or compliance frameworks.</p>
10    ///   - [`name(String)`](crate::operation::get_control::GetControlOutput::name): <p>The display name of the control.</p>
11    ///   - [`description(String)`](crate::operation::get_control::GetControlOutput::description): <p>A description of what the control does.</p>
12    ///   - [`behavior(ControlBehavior)`](crate::operation::get_control::GetControlOutput::behavior): <p>A term that identifies the control's functional behavior. One of <code>Preventive</code>, <code>Detective</code>, <code>Proactive</code></p>
13    ///   - [`severity(Option<ControlSeverity>)`](crate::operation::get_control::GetControlOutput::severity): <p>An enumerated type, with the following possible values:</p>
14    ///   - [`region_configuration(Option<RegionConfiguration>)`](crate::operation::get_control::GetControlOutput::region_configuration): <p>Returns information about the control, including the scope of the control, if enabled, and the Regions in which the control is available for deployment. For more information about scope, see <a href="https://docs.aws.amazon.com/whitepapers/latest/aws-fault-isolation-boundaries/global-services.html">Global services</a>.</p> <p>If you are applying controls through an Amazon Web Services Control Tower landing zone environment, remember that the values returned in the <code>RegionConfiguration</code> API operation are not related to the governed Regions in your landing zone. For example, if you are governing Regions <code>A</code>,<code>B</code>,and <code>C</code> while the control is available in Regions <code>A</code>, <code>B</code>, C<code>,</code> and <code>D</code>, you'd see a response with <code>DeployableRegions</code> of <code>A</code>, <code>B</code>, <code>C</code>, and <code>D</code> for a control with <code>REGIONAL</code> scope, even though you may not intend to deploy the control in Region <code>D</code>, because you do not govern it through your landing zone.</p>
15    ///   - [`implementation(Option<ImplementationDetails>)`](crate::operation::get_control::GetControlOutput::implementation): <p>Returns information about the control, as an <code>ImplementationDetails</code> object that shows the underlying implementation type for a control.</p>
16    ///   - [`parameters(Option<Vec::<ControlParameter>>)`](crate::operation::get_control::GetControlOutput::parameters): <p>Returns an array of <code>ControlParameter</code> objects that specify the parameters a control supports. An empty list is returned for controls that don’t support parameters.</p>
17    ///   - [`create_time(Option<DateTime>)`](crate::operation::get_control::GetControlOutput::create_time): <p>A timestamp that notes the time when the control was released (start of its life) as a governance capability in Amazon Web Services.</p>
18    ///   - [`governed_resources(Option<Vec::<String>>)`](crate::operation::get_control::GetControlOutput::governed_resources): <p>A list of Amazon Web Services resource types that are governed by this control. This information helps you understand which controls can govern certain types of resources, and conversely, which resources are affected when the control is implemented. The resources are represented as Amazon Web Services CloudFormation resource types. If <code>GovernedResources</code> cannot be represented by available CloudFormation resource types, it’s returned as an empty list.</p>
19    /// - On failure, responds with [`SdkError<GetControlError>`](crate::operation::get_control::GetControlError)
20    pub fn get_control(&self) -> crate::operation::get_control::builders::GetControlFluentBuilder {
21        crate::operation::get_control::builders::GetControlFluentBuilder::new(self.handle.clone())
22    }
23}