ManagedRuleProps

class aws_cdk.aws_config.ManagedRuleProps(*, config_rule_name=None, description=None, input_parameters=None, maximum_execution_frequency=None, rule_scope=None, identifier)

Bases: RuleProps

Construction properties for a ManagedRule.

Parameters:

  • config_rule_name (Optional[str]) – A name for the AWS Config rule. Default: - CloudFormation generated name

  • description (Optional[str]) – A description about this AWS Config rule. Default: - No description

  • input_parameters (Optional[Mapping[str, Any]]) – Input parameter values that are passed to the AWS Config rule. Default: - No input parameters

  • maximum_execution_frequency (Optional[MaximumExecutionFrequency]) – The maximum frequency at which the AWS Config rule runs evaluations. Default: MaximumExecutionFrequency.TWENTY_FOUR_HOURS

  • rule_scope (Optional[RuleScope]) – Defines which resources trigger an evaluation for an AWS Config rule. Default: - evaluations for the rule are triggered when any resource in the recording group changes.

  • identifier (str) – The identifier of the AWS managed rule.

ExampleMetadata:

infused

Example:

# https://docs.aws.amazon.com/config/latest/developerguide/access-keys-rotated.html
config.ManagedRule(self, "AccessKeysRotated",
    identifier=config.ManagedRuleIdentifiers.ACCESS_KEYS_ROTATED,
    input_parameters={
        "max_access_key_age": 60
    },

    # default is 24 hours
    maximum_execution_frequency=config.MaximumExecutionFrequency.TWELVE_HOURS
)

Attributes

config_rule_name

A name for the AWS Config rule.

Default:

  • CloudFormation generated name

description

A description about this AWS Config rule.

Default:

  • No description

identifier

The identifier of the AWS managed rule.

See:

https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html

input_parameters

Input parameter values that are passed to the AWS Config rule.

Default:

  • No input parameters

maximum_execution_frequency

The maximum frequency at which the AWS Config rule runs evaluations.

Default:

MaximumExecutionFrequency.TWENTY_FOUR_HOURS

rule_scope

Defines which resources trigger an evaluation for an AWS Config rule.

Default:

  • evaluations for the rule are triggered when any resource in the recording group changes.