Skip to content

/AWS1/CL_CFSORGCUSTOMRULEMET

An object that specifies organization custom rule metadata such as resource type, resource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.

CONSTRUCTOR

IMPORTING

Required arguments:

IV_LAMBDAFUNCTIONARN TYPE /AWS1/CFSSTRWITHCHARLIMIT256 /AWS1/CFSSTRWITHCHARLIMIT256

The lambda function ARN.

IT_ORGCONFIGRULETRIGGERTYPES TYPE /AWS1/CL_CFSORGCFGRLTRIGGERT00=>TT_ORGCONFIGRULETRIGGERTYPES TT_ORGCONFIGRULETRIGGERTYPES

The type of notification that triggers Config to run an evaluation for a rule. You can specify the following notification types:

  • ConfigurationItemChangeNotification - Triggers an evaluation when Config delivers a configuration item as a result of a resource change.

  • OversizedConfigurationItemChangeNotification - Triggers an evaluation when Config delivers an oversized configuration item. Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.

  • ScheduledNotification - Triggers a periodic evaluation at the frequency specified for MaximumExecutionFrequency.

Optional arguments:

IV_DESCRIPTION TYPE /AWS1/CFSSTRWITHCHARLMT256MIN0 /AWS1/CFSSTRWITHCHARLMT256MIN0

The description that you provide for your organization Config rule.

IV_INPUTPARAMETERS TYPE /AWS1/CFSSTRWITHCHARLIMIT2048 /AWS1/CFSSTRWITHCHARLIMIT2048

A string, in JSON format, that is passed to your organization Config rule Lambda function.

IV_MAXIMUMEXECUTIONFREQUENCY TYPE /AWS1/CFSMAXIMUMEXECFREQUENCY /AWS1/CFSMAXIMUMEXECFREQUENCY

The maximum frequency with which Config runs evaluations for a rule. Your custom rule is triggered when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

IT_RESOURCETYPESSCOPE TYPE /AWS1/CL_CFSRESRCTYPESSCOPE_W=>TT_RESOURCETYPESSCOPE TT_RESOURCETYPESSCOPE

The type of the Amazon Web Services resource that was evaluated.

IV_RESOURCEIDSCOPE TYPE /AWS1/CFSSTRWITHCHARLIMIT768 /AWS1/CFSSTRWITHCHARLIMIT768

The ID of the Amazon Web Services resource that was evaluated.

IV_TAGKEYSCOPE TYPE /AWS1/CFSSTRWITHCHARLIMIT128 /AWS1/CFSSTRWITHCHARLIMIT128

One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.

IV_TAGVALUESCOPE TYPE /AWS1/CFSSTRWITHCHARLIMIT256 /AWS1/CFSSTRWITHCHARLIMIT256

The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).

Queryable Attributes

Description

The description that you provide for your organization Config rule.

Accessible with the following methods

Method Description
GET_DESCRIPTION() Getter for DESCRIPTION, with configurable default
ASK_DESCRIPTION() Getter for DESCRIPTION w/ exceptions if field has no value
HAS_DESCRIPTION() Determine if DESCRIPTION has a value

LambdaFunctionArn

The lambda function ARN.

Accessible with the following methods

Method Description
GET_LAMBDAFUNCTIONARN() Getter for LAMBDAFUNCTIONARN, with configurable default
ASK_LAMBDAFUNCTIONARN() Getter for LAMBDAFUNCTIONARN w/ exceptions if field has no v
HAS_LAMBDAFUNCTIONARN() Determine if LAMBDAFUNCTIONARN has a value

OrganizationConfigRuleTriggerTypes

The type of notification that triggers Config to run an evaluation for a rule. You can specify the following notification types:

  • ConfigurationItemChangeNotification - Triggers an evaluation when Config delivers a configuration item as a result of a resource change.

  • OversizedConfigurationItemChangeNotification - Triggers an evaluation when Config delivers an oversized configuration item. Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.

  • ScheduledNotification - Triggers a periodic evaluation at the frequency specified for MaximumExecutionFrequency.

Accessible with the following methods

Method Description
GET_ORGCFGRULETRIGGERTYPES() Getter for ORGCONFIGRULETRIGGERTYPES, with configurable defa
ASK_ORGCFGRULETRIGGERTYPES() Getter for ORGCONFIGRULETRIGGERTYPES w/ exceptions if field
HAS_ORGCFGRULETRIGGERTYPES() Determine if ORGCONFIGRULETRIGGERTYPES has a value

InputParameters

A string, in JSON format, that is passed to your organization Config rule Lambda function.

Accessible with the following methods

Method Description
GET_INPUTPARAMETERS() Getter for INPUTPARAMETERS, with configurable default
ASK_INPUTPARAMETERS() Getter for INPUTPARAMETERS w/ exceptions if field has no val
HAS_INPUTPARAMETERS() Determine if INPUTPARAMETERS has a value

MaximumExecutionFrequency

The maximum frequency with which Config runs evaluations for a rule. Your custom rule is triggered when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

Accessible with the following methods

Method Description
GET_MAXIMUMEXECFREQUENCY() Getter for MAXIMUMEXECUTIONFREQUENCY, with configurable defa
ASK_MAXIMUMEXECFREQUENCY() Getter for MAXIMUMEXECUTIONFREQUENCY w/ exceptions if field
HAS_MAXIMUMEXECFREQUENCY() Determine if MAXIMUMEXECUTIONFREQUENCY has a value

ResourceTypesScope

The type of the Amazon Web Services resource that was evaluated.

Accessible with the following methods

Method Description
GET_RESOURCETYPESSCOPE() Getter for RESOURCETYPESSCOPE, with configurable default
ASK_RESOURCETYPESSCOPE() Getter for RESOURCETYPESSCOPE w/ exceptions if field has no
HAS_RESOURCETYPESSCOPE() Determine if RESOURCETYPESSCOPE has a value

ResourceIdScope

The ID of the Amazon Web Services resource that was evaluated.

Accessible with the following methods

Method Description
GET_RESOURCEIDSCOPE() Getter for RESOURCEIDSCOPE, with configurable default
ASK_RESOURCEIDSCOPE() Getter for RESOURCEIDSCOPE w/ exceptions if field has no val
HAS_RESOURCEIDSCOPE() Determine if RESOURCEIDSCOPE has a value

TagKeyScope

One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.

Accessible with the following methods

Method Description
GET_TAGKEYSCOPE() Getter for TAGKEYSCOPE, with configurable default
ASK_TAGKEYSCOPE() Getter for TAGKEYSCOPE w/ exceptions if field has no value
HAS_TAGKEYSCOPE() Determine if TAGKEYSCOPE has a value

TagValueScope

The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).

Accessible with the following methods

Method Description
GET_TAGVALUESCOPE() Getter for TAGVALUESCOPE, with configurable default
ASK_TAGVALUESCOPE() Getter for TAGVALUESCOPE w/ exceptions if field has no value
HAS_TAGVALUESCOPE() Determine if TAGVALUESCOPE has a value