Class CfnConfigRule
A CloudFormation AWS::Config::ConfigRule.
Inherited Members
Namespace: Amazon.CDK.AWS.Config
Assembly: Amazon.CDK.AWS.Config.dll
Syntax (csharp)
public class CfnConfigRule : CfnResource, IConstruct, IConstruct, IDependable, IInspectableSyntax (vb)
Public Class CfnConfigRule
Inherits CfnResource
Implements IConstruct, IConstruct, IDependable, IInspectableRemarks
Specifies an AWS Config rule for evaluating whether your AWS resources comply with your desired configurations.
You can use this action for custom AWS Config rules and AWS managed Config rules. A custom AWS Config rule is a rule that you develop and maintain. An AWS managed Config rule is a customizable, predefined rule that AWS Config provides.
If you are adding a new custom AWS Config rule, you must first create the AWS Lambda function that the rule invokes to evaluate your resources. When you use the PutConfigRule action to add the rule to AWS Config , you must specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. Specify the ARN for the SourceIdentifier key. This key is part of the Source object, which is part of the ConfigRule object.
If you are adding an AWS managed Config rule, specify the rule's identifier for the SourceIdentifier key. To reference AWS managed Config rule identifiers, see About AWS Managed Config Rules .
For any new rule that you add, specify the ConfigRuleName in the ConfigRule object. Do not specify the ConfigRuleArn or the ConfigRuleId . These values are generated by AWS Config for new rules.
If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName , ConfigRuleId , or ConfigRuleArn in the ConfigRule data type that you use in this request.
The maximum number of rules that AWS Config supports is 400.
For information about requesting a rule limit increase, see AWS Config endpoints and quotas in the AWS General Reference Guide .
For more information about developing and using AWS Config rules, see Evaluating AWS Resource Configurations with AWS Config in the AWS Config Developer Guide .
CloudformationResource: AWS::Config::ConfigRule
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Config;
var inputParameters;
CfnConfigRule cfnConfigRule = new CfnConfigRule(this, "MyCfnConfigRule", new CfnConfigRuleProps {
Source = new SourceProperty {
Owner = "owner",
SourceIdentifier = "sourceIdentifier",
// the properties below are optional
SourceDetails = new [] { new SourceDetailProperty {
EventSource = "eventSource",
MessageType = "messageType",
// the properties below are optional
MaximumExecutionFrequency = "maximumExecutionFrequency"
} }
},
// the properties below are optional
ConfigRuleName = "configRuleName",
Description = "description",
InputParameters = inputParameters,
MaximumExecutionFrequency = "maximumExecutionFrequency",
Scope = new ScopeProperty {
ComplianceResourceId = "complianceResourceId",
ComplianceResourceTypes = new [] { "complianceResourceTypes" },
TagKey = "tagKey",
TagValue = "tagValue"
}
});Synopsis
Constructors
| CfnConfigRule(Construct, String, ICfnConfigRuleProps) | Create a new |
| CfnConfigRule(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
| CfnConfigRule(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
| AttrArn | The Amazon Resource Name (ARN) of the AWS Config rule, such as |
| AttrComplianceType | The compliance status of an AWS Config rule, such as |
| AttrConfigRuleId | The ID of the AWS Config rule, such as |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | |
| ConfigRuleName | A name for the AWS Config rule. |
| Description | The description that you provide for the AWS Config rule. |
| InputParameters | A string, in JSON format, that is passed to the AWS Config rule Lambda function. |
| MaximumExecutionFrequency | The maximum frequency with which AWS Config runs evaluations for a rule. |
| Scope | Defines which resources can trigger an evaluation for the rule. |
| Source | Provides the rule owner ( AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources. |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| RenderProperties(IDictionary<String, Object>) |
Constructors
CfnConfigRule(Construct, String, ICfnConfigRuleProps)
Create a new AWS::Config::ConfigRule.
public CfnConfigRule(Construct scope, string id, ICfnConfigRuleProps props)Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnConfigRuleProps
- resource properties.
CfnConfigRule(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnConfigRule(ByRefValue reference)Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnConfigRule(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnConfigRule(DeputyBase.DeputyProps props)Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AttrArn
The Amazon Resource Name (ARN) of the AWS Config rule, such as arn:aws:config:us-east-1:123456789012:config-rule/config-rule-a1bzhi .
public virtual string AttrArn { get; }Property Value
System.String
Remarks
CloudformationAttribute: Arn
AttrComplianceType
The compliance status of an AWS Config rule, such as COMPLIANT or NON_COMPLIANT .
public virtual string AttrComplianceType { get; }Property Value
System.String
Remarks
CloudformationAttribute: Compliance.Type
AttrConfigRuleId
The ID of the AWS Config rule, such as config-rule-a1bzhi .
public virtual string AttrConfigRuleId { get; }Property Value
System.String
Remarks
CloudformationAttribute: ConfigRuleId
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
ConfigRuleName
A name for the AWS Config rule.
public virtual string ConfigRuleName { get; set; }Property Value
System.String
Remarks
If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see Name Type .
Description
The description that you provide for the AWS Config rule.
public virtual string Description { get; set; }Property Value
System.String
Remarks
InputParameters
A string, in JSON format, that is passed to the AWS Config rule Lambda function.
public virtual object InputParameters { get; set; }Property Value
System.Object
Remarks
MaximumExecutionFrequency
The maximum frequency with which AWS Config runs evaluations for a rule.
public virtual string MaximumExecutionFrequency { get; set; }Property Value
System.String
Remarks
You can specify a value for MaximumExecutionFrequency when:
By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the <code>MaximumExecutionFrequency</code> parameter.
Scope
Defines which resources can trigger an evaluation for the rule.
public virtual object Scope { get; set; }Property Value
System.Object
Remarks
The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.
The scope can be empty.
Source
Provides the rule owner ( AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
public virtual object Source { get; set; }Property Value
System.Object
Remarks
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>