AWS::Config::ConfigRule Source

Provides the AWS Config rule owner (AWS or customer), the rule identifier, and the events that trigger the evaluation of your AWS resources.


To declare this entity in your AWS CloudFormation template, use the following syntax:


{
  "Owner" : String,
  "SourceDetails" : [ SourceDetail, ... ],
  "SourceIdentifier" : String
}



Owner

Indicates whether AWS or the customer owns and manages the AWS Config rule.

Required: Yes

Type: String

Allowed values: AWS | CUSTOM_LAMBDA

Update requires: No interruption


SourceDetails

Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.

Required: No

Type: List of SourceDetail

Maximum: 25

Update requires: No interruption


SourceIdentifier

For AWS Config managed rules, a predefined identifier from a list. For example, IAM_PASSWORD_POLICY is a managed rule. To reference a managed rule, see Using AWS Managed Config Rules.

For custom rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption
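
A pre-deployment check of a Source object against the constraints listed on this page, as an added example (not AWS code). The function name validate_source, the trusted_accounts allowlist, the fixed "aws" partition in the ARN pattern, and the sample inputs are assumptions of this example.

```python
import re

# Constraints taken from the property reference on this page.
ALLOWED_OWNERS = {"AWS", "CUSTOM_LAMBDA"}
MAX_SOURCE_DETAILS = 25
MAX_IDENTIFIER_LEN = 256
# Lambda function ARN shape, following the page's sample ARN
# (partition fixed to "aws", no version/alias suffix: assumptions of this example).
LAMBDA_ARN = re.compile(r"^arn:aws:lambda:([a-z0-9-]+):(\d{12}):function:([A-Za-z0-9_-]+)$")


def validate_source(source, trusted_accounts=frozenset()):
    """Return a list of findings for one Source object (empty list means OK).
    trusted_accounts is a hypothetical allowlist of account IDs allowed to
    host custom rule Lambda functions; it is not a CloudFormation property."""
    findings = []
    owner = source.get("Owner")
    ident = source.get("SourceIdentifier")
    details = source.get("SourceDetails", [])

    if owner not in ALLOWED_OWNERS:
        findings.append(f"Owner must be one of {sorted(ALLOWED_OWNERS)}, got {owner!r}")
    if not isinstance(ident, str) or not 1 <= len(ident) <= MAX_IDENTIFIER_LEN:
        findings.append("SourceIdentifier must be a string of 1-256 characters")
        return findings
    if not isinstance(details, list) or len(details) > MAX_SOURCE_DETAILS:
        findings.append("SourceDetails must be a list of at most 25 entries")

    arn = LAMBDA_ARN.match(ident)
    if owner == "CUSTOM_LAMBDA":
        if not arn:
            findings.append("CUSTOM_LAMBDA rules need a Lambda function ARN as SourceIdentifier")
        elif trusted_accounts and arn.group(2) not in trusted_accounts:
            findings.append(f"Lambda function is in untrusted account {arn.group(2)}")
    elif owner == "AWS" and ident.startswith("arn:"):
        findings.append("Managed rules take a predefined identifier, not an ARN")
    return findings


# Constructed sample inputs; the identifier and ARN are the page's own examples.
MANAGED = {"Owner": "AWS", "SourceIdentifier": "IAM_PASSWORD_POLICY"}
CUSTOM = {"Owner": "CUSTOM_LAMBDA",
          "SourceIdentifier": "arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name"}
MISMATCH = {"Owner": "AWS", "SourceIdentifier": CUSTOM["SourceIdentifier"]}

if __name__ == "__main__":
    for name, src in [("managed", MANAGED), ("custom", CUSTOM), ("mismatch", MISMATCH)]:
        print(name, validate_source(src, trusted_accounts={"111122223333"}))
```

The account allowlist matters because a custom rule hands evaluation of your resources to whatever Lambda function the ARN names, so a function in an unexpected account is worth flagging before the template is deployed.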