Class CfnConfigurationRecorderMixinProps
Properties for CfnConfigurationRecorderPropsMixin.
Implements
Inherited Members
Namespace: Amazon.CDK.Mixins.Preview.AWS.Config.Mixins
Assembly: Amazon.CDK.Mixins.Preview.dll
Syntax (csharp)
public class CfnConfigurationRecorderMixinProps : ICfnConfigurationRecorderMixinPropsSyntax (vb)
Public Class CfnConfigurationRecorderMixinProps Implements ICfnConfigurationRecorderMixinPropsRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.Mixins.Preview.AWS.Config.Mixins;
var cfnConfigurationRecorderMixinProps = new CfnConfigurationRecorderMixinProps {
Name = "name",
RecordingGroup = new RecordingGroupProperty {
AllSupported = false,
ExclusionByResourceTypes = new ExclusionByResourceTypesProperty {
ResourceTypes = new [] { "resourceTypes" }
},
IncludeGlobalResourceTypes = false,
RecordingStrategy = new RecordingStrategyProperty {
UseOnly = "useOnly"
},
ResourceTypes = new [] { "resourceTypes" }
},
RecordingMode = new RecordingModeProperty {
RecordingFrequency = "recordingFrequency",
RecordingModeOverrides = new [] { new RecordingModeOverrideProperty {
Description = "description",
RecordingFrequency = "recordingFrequency",
ResourceTypes = new [] { "resourceTypes" }
} }
},
RoleArn = "roleArn"
};Synopsis
Constructors
| CfnConfigurationRecorderMixinProps() | Properties for CfnConfigurationRecorderPropsMixin. |
Properties
| Name | The name of the configuration recorder. AWS Config automatically assigns the name of "default" when creating the configuration recorder. |
| RecordingGroup | Specifies which resource types AWS Config records for configuration changes. |
| RecordingMode | Specifies the default recording frequency for the configuration recorder. AWS Config supports Continuous recording and Daily recording . |
| RoleArn | Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. |
Constructors
CfnConfigurationRecorderMixinProps()
Properties for CfnConfigurationRecorderPropsMixin.
public CfnConfigurationRecorderMixinProps()Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.Mixins.Preview.AWS.Config.Mixins;
var cfnConfigurationRecorderMixinProps = new CfnConfigurationRecorderMixinProps {
Name = "name",
RecordingGroup = new RecordingGroupProperty {
AllSupported = false,
ExclusionByResourceTypes = new ExclusionByResourceTypesProperty {
ResourceTypes = new [] { "resourceTypes" }
},
IncludeGlobalResourceTypes = false,
RecordingStrategy = new RecordingStrategyProperty {
UseOnly = "useOnly"
},
ResourceTypes = new [] { "resourceTypes" }
},
RecordingMode = new RecordingModeProperty {
RecordingFrequency = "recordingFrequency",
RecordingModeOverrides = new [] { new RecordingModeOverrideProperty {
Description = "description",
RecordingFrequency = "recordingFrequency",
ResourceTypes = new [] { "resourceTypes" }
} }
},
RoleArn = "roleArn"
};Properties
Name
The name of the configuration recorder. AWS Config automatically assigns the name of "default" when creating the configuration recorder.
public string? Name { get; set; }Property Value
Remarks
You cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.
RecordingGroup
Specifies which resource types AWS Config records for configuration changes.
public object? RecordingGroup { get; set; }Property Value
Remarks
<em>High Number of AWS Config Evaluations</em>
You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.
If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An ephemeral workload is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.
Type union: either IResolvable or CfnConfigurationRecorderPropsMixin.IRecordingGroupProperty
RecordingMode
Specifies the default recording frequency for the configuration recorder. AWS Config supports Continuous recording and Daily recording .
public object? RecordingMode { get; set; }Property Value
Remarks
<em>Some resource types require continuous recording</em>
AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.
You can also override the recording frequency for specific resource types.
Type union: either IResolvable or CfnConfigurationRecorderPropsMixin.IRecordingModeProperty
RoleArn
Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder.
public string? RoleArn { get; set; }Property Value
Remarks
For more information, see Permissions for the IAM Role Assigned to AWS Config in the AWS Config Developer Guide.
<em>Pre-existing AWS Config role</em>
If you have used an AWS service that uses AWS Config , such as AWS Security Hub CSPM or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.
For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see Identity and Access Management for AWS Config in the AWS Config Developer Guide .