ConfigService / Client / delete_organization_conformance_pack
delete_organization_conformance_pack¶
- ConfigService.Client.delete_organization_conformance_pack(**kwargs)¶
Deletes the specified organization conformance pack and all of the Config rules and remediation actions from all member accounts in that organization.
Only a management account or a delegated administrator account can delete an organization conformance pack. When calling this API with a delegated administrator, you must ensure Organizations
ListDelegatedAdministrator
permissions are added.Config sets the state of a conformance pack to DELETE_IN_PROGRESS until the deletion is complete. You cannot update a conformance pack while it is in this state.
Note
Recommendation: Consider excluding the
AWS::Config::ResourceCompliance
resource type from recording before deleting rulesDeleting rules creates configuration items (CIs) for
AWS::Config::ResourceCompliance
that can affect your costs for the configuration recorder. If you are deleting rules which evaluate a large number of resource types, this can lead to a spike in the number of CIs recorded.To avoid the associated costs, you can opt to disable recording for the
AWS::Config::ResourceCompliance
resource type before deleting rules, and re-enable recording after the rules have been deleted.However, since deleting rules is an asynchronous process, it might take an hour or more to complete. During the time when recording is disabled for
AWS::Config::ResourceCompliance
, rule evaluations will not be recorded in the associated resource’s history.See also: AWS API Documentation
Request Syntax
response = client.delete_organization_conformance_pack( OrganizationConformancePackName='string' )
- Parameters:
OrganizationConformancePackName (string) –
[REQUIRED]
The name of organization conformance pack that you want to delete.
- Returns:
None
Exceptions