HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux ip-172-31-42-149 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025 aarch64
User: ubuntu (1000)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: //usr/local/aws-cli/v2/dist/awscli/examples/iot/describe-account-audit-configuration.rst
**To view current audit configuration settings**

The following ``describe-account-audit-configuration`` example lists the current settings for your AWS IoT Device Defender audit configuration. ::

    aws iot describe-account-audit-configuration

Output::

    {
        "roleArn": "arn:aws:iam::123456789012:role/service-role/AWSIoTDeviceDefenderAudit_1551201085996",
        "auditNotificationTargetConfigurations": {
            "SNS": {
                "targetArn": "arn:aws:sns:us-west-2:123456789012:ddaudits",
                "roleArn": "arn:aws:iam::123456789012:role/service-role/AWSIoTDeviceDefenderAudit",
                "enabled": true
            }
        },
        "auditCheckConfigurations": {
            "AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK": {
                "enabled": true
            },
            "CA_CERTIFICATE_EXPIRING_CHECK": {
                "enabled": true
            },
            "CONFLICTING_CLIENT_IDS_CHECK": {
                "enabled": true
            },
            "DEVICE_CERTIFICATE_EXPIRING_CHECK": {
                "enabled": true
            },
            "DEVICE_CERTIFICATE_SHARED_CHECK": {
                "enabled": true
            },
            "IOT_POLICY_OVERLY_PERMISSIVE_CHECK": {
                "enabled": true
            },
            "LOGGING_DISABLED_CHECK": {
                "enabled": true
            },
            "REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK": {
                "enabled": true
            },
            "REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK": {
                "enabled": true
            },
            "UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK": {
                "enabled": true
            }
        }
    }

For more information, see `Audit Commands <https://docs.aws.amazon.com/iot/latest/developerguide/AuditCommands.html>`__ in the *AWS IoT Developer Guide*.