/* eslint-disable */
/**
 * This file was automatically generated by json-schema-to-typescript.
 * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file,
 * and run json-schema-to-typescript to regenerate this file.
 */

/**
 * Configures the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.
 */
export interface AwsIotAccountauditconfiguration {
  /**
   * Your 12-digit account ID (used as the primary identifier for the CloudFormation resource).
   */
  AccountId: string;
  AuditCheckConfigurations: AuditCheckConfigurations;
  AuditNotificationTargetConfigurations?: AuditNotificationTargetConfigurations;
  /**
   * The ARN of the role that grants permission to AWS IoT to access information about your devices, policies, certificates and other items as required when performing an audit.
   */
  RoleArn: string;
}
/**
 * Specifies which audit checks are enabled and disabled for this account.
 */
export interface AuditCheckConfigurations {
  AuthenticatedCognitoRoleOverlyPermissiveCheck?: AuditCheckConfiguration;
  CaCertificateExpiringCheck?: AuditCheckConfiguration;
  CaCertificateKeyQualityCheck?: AuditCheckConfiguration;
  ConflictingClientIdsCheck?: AuditCheckConfiguration;
  DeviceCertificateExpiringCheck?: AuditCheckConfiguration;
  DeviceCertificateKeyQualityCheck?: AuditCheckConfiguration;
  DeviceCertificateSharedCheck?: AuditCheckConfiguration;
  IotPolicyOverlyPermissiveCheck?: AuditCheckConfiguration;
  IotRoleAliasAllowsAccessToUnusedServicesCheck?: AuditCheckConfiguration;
  IotRoleAliasOverlyPermissiveCheck?: AuditCheckConfiguration;
  LoggingDisabledCheck?: AuditCheckConfiguration;
  RevokedCaCertificateStillActiveCheck?: AuditCheckConfiguration;
  RevokedDeviceCertificateStillActiveCheck?: AuditCheckConfiguration;
  UnauthenticatedCognitoRoleOverlyPermissiveCheck?: AuditCheckConfiguration;
  IntermediateCaRevokedForActiveDeviceCertificatesCheck?: AuditCheckConfiguration;
  IoTPolicyPotentialMisConfigurationCheck?: AuditCheckConfiguration;
}
/**
 * The configuration for a specific audit check.
 */
export interface AuditCheckConfiguration {
  /**
   * True if the check is enabled.
   */
  Enabled?: boolean;
}
/**
 * Information about the targets to which audit notifications are sent.
 */
export interface AuditNotificationTargetConfigurations {
  Sns?: AuditNotificationTarget;
}
export interface AuditNotificationTarget {
  /**
   * The ARN of the target (SNS topic) to which audit notifications are sent.
   */
  TargetArn?: string;
  /**
   * The ARN of the role that grants permission to send notifications to the target.
   */
  RoleArn?: string;
  /**
   * True if notifications to the target are enabled.
   */
  Enabled?: boolean;
}