Class CfnAccountAuditConfiguration

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
All Implemented Interfaces:
IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.99.0 (build 8f757e4)", date="2024-06-13T18:49:20.036Z") @Stability(Stable) public class CfnAccountAuditConfiguration extends CfnResource implements IInspectable
Use the AWS::IoT::AccountAuditConfiguration resource to configure or reconfigure the Device Defender audit settings for your account.

Settings include how audit notifications are sent and which audit checks are enabled or disabled. For API reference, see UpdateAccountAuditConfiguration and for detailed information on all available audit checks, see Audit checks .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iot.*;
 CfnAccountAuditConfiguration cfnAccountAuditConfiguration = CfnAccountAuditConfiguration.Builder.create(this, "MyCfnAccountAuditConfiguration")
         .accountId("accountId")
         .auditCheckConfigurations(AuditCheckConfigurationsProperty.builder()
                 .authenticatedCognitoRoleOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .caCertificateExpiringCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .caCertificateKeyQualityCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .conflictingClientIdsCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .deviceCertificateExpiringCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .deviceCertificateKeyQualityCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .deviceCertificateSharedCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .intermediateCaRevokedForActiveDeviceCertificatesCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .iotPolicyOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .ioTPolicyPotentialMisConfigurationCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .iotRoleAliasAllowsAccessToUnusedServicesCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .iotRoleAliasOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .loggingDisabledCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .revokedCaCertificateStillActiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .revokedDeviceCertificateStillActiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .unauthenticatedCognitoRoleOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
                         .enabled(false)
                         .build())
                 .build())
         .roleArn("roleArn")
         // the properties below are optional
         .auditNotificationTargetConfigurations(AuditNotificationTargetConfigurationsProperty.builder()
                 .sns(AuditNotificationTargetProperty.builder()
                         .enabled(false)
                         .roleArn("roleArn")
                         .targetArn("targetArn")
                         .build())
                 .build())
         .build();
 

See Also:
  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.
  • Constructor Details

    • CfnAccountAuditConfiguration

      protected CfnAccountAuditConfiguration(software.amazon.jsii.JsiiObjectRef objRef)
    • CfnAccountAuditConfiguration

      protected CfnAccountAuditConfiguration(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • CfnAccountAuditConfiguration

      @Stability(Stable) public CfnAccountAuditConfiguration(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnAccountAuditConfigurationProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.
  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.
    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.
    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource
    • getAccountId

      @Stability(Stable) @NotNull public String getAccountId()
      The ID of the account.
    • setAccountId

      @Stability(Stable) public void setAccountId(@NotNull String value)
      The ID of the account.
    • getAuditCheckConfigurations

      @Stability(Stable) @NotNull public Object getAuditCheckConfigurations()
      Specifies which audit checks are enabled and disabled for this account.
    • setAuditCheckConfigurations

      @Stability(Stable) public void setAuditCheckConfigurations(@NotNull IResolvable value)
      Specifies which audit checks are enabled and disabled for this account.
    • setAuditCheckConfigurations

      @Stability(Stable) public void setAuditCheckConfigurations(@NotNull CfnAccountAuditConfiguration.AuditCheckConfigurationsProperty value)
      Specifies which audit checks are enabled and disabled for this account.
    • getRoleArn

      @Stability(Stable) @NotNull public String getRoleArn()
      The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.
    • setRoleArn

      @Stability(Stable) public void setRoleArn(@NotNull String value)
      The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.
    • getAuditNotificationTargetConfigurations

      @Stability(Stable) @Nullable public Object getAuditNotificationTargetConfigurations()
      Information about the targets to which audit notifications are sent.
    • setAuditNotificationTargetConfigurations

      @Stability(Stable) public void setAuditNotificationTargetConfigurations(@Nullable IResolvable value)
      Information about the targets to which audit notifications are sent.
    • setAuditNotificationTargetConfigurations

      @Stability(Stable) public void setAuditNotificationTargetConfigurations(@Nullable CfnAccountAuditConfiguration.AuditNotificationTargetConfigurationsProperty value)
      Information about the targets to which audit notifications are sent.