Class CfnAccountAuditConfigurationProps
Properties for defining a CfnAccountAuditConfiguration
.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.IoT
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnAccountAuditConfigurationProps : Object, ICfnAccountAuditConfigurationProps
Syntax (vb)
Public Class CfnAccountAuditConfigurationProps
Inherits Object
Implements ICfnAccountAuditConfigurationProps
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.IoT;
var cfnAccountAuditConfigurationProps = new CfnAccountAuditConfigurationProps {
AccountId = "accountId",
AuditCheckConfigurations = new AuditCheckConfigurationsProperty {
AuthenticatedCognitoRoleOverlyPermissiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
CaCertificateExpiringCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
CaCertificateKeyQualityCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
ConflictingClientIdsCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
DeviceCertificateExpiringCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
DeviceCertificateKeyQualityCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
DeviceCertificateSharedCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
IntermediateCaRevokedForActiveDeviceCertificatesCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
IotPolicyOverlyPermissiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
IoTPolicyPotentialMisConfigurationCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
IotRoleAliasAllowsAccessToUnusedServicesCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
IotRoleAliasOverlyPermissiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
LoggingDisabledCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
RevokedCaCertificateStillActiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
RevokedDeviceCertificateStillActiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
},
UnauthenticatedCognitoRoleOverlyPermissiveCheck = new AuditCheckConfigurationProperty {
Enabled = false
}
},
RoleArn = "roleArn",
// the properties below are optional
AuditNotificationTargetConfigurations = new AuditNotificationTargetConfigurationsProperty {
Sns = new AuditNotificationTargetProperty {
Enabled = false,
RoleArn = "roleArn",
TargetArn = "targetArn"
}
}
};
Synopsis
Constructors
CfnAccountAuditConfigurationProps() |
Properties
AccountId | The ID of the account. |
AuditCheckConfigurations | Specifies which audit checks are enabled and disabled for this account. |
AuditNotificationTargetConfigurations | Information about the targets to which audit notifications are sent. |
RoleArn | The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit. |
Constructors
CfnAccountAuditConfigurationProps()
public CfnAccountAuditConfigurationProps()
Properties
AccountId
The ID of the account.
public string AccountId { get; set; }
Property Value
System.String
Remarks
You can use the expression !Sub "${AWS::AccountId}"
to use your account ID.
AuditCheckConfigurations
Specifies which audit checks are enabled and disabled for this account.
public object AuditCheckConfigurations { get; set; }
Property Value
System.Object
Remarks
Some data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the Enabled:
key to false
.
If an enabled check is removed from the template, it will also be disabled.
You can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.
For more information on avialbe auidt checks see AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations
AuditNotificationTargetConfigurations
Information about the targets to which audit notifications are sent.
public object AuditNotificationTargetConfigurations { get; set; }
Property Value
System.Object
Remarks
RoleArn
The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.
public string RoleArn { get; set; }
Property Value
System.String