AWS::Config::ConfigRule CustomPolicyDetails - AWS CloudFormation

AWS::Config::ConfigRule CustomPolicyDetails

Provides the CustomPolicyDetails, the rule owner (AWS for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "EnableDebugLogDelivery" : Boolean,
  "PolicyRuntime" : String,
  "PolicyText" : String
}

YAML

EnableDebugLogDelivery: Boolean
PolicyRuntime: String
PolicyText: String

Properties

EnableDebugLogDelivery

The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is false.

Required: No

Type: Boolean

Update requires: No interruption

PolicyRuntime

The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the Guard GitHub Repository.

Required: No

Type: String

Pattern: guard\-2\.x\.x

Minimum: 1

Maximum: 64

Update requires: No interruption

PolicyText

The policy definition containing the logic for your AWS Config Custom Policy rule.

Required: No

Type: String

Minimum: 0

Maximum: 10000

Update requires: No interruption
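
The three properties above, used in a complete rule. This template is an added example, not taken from the AWS documentation. The logical ID, rule name, and the S3 configuration-item field paths inside the Guard policy are assumptions. It also assumes an AWS Config recorder is already recording AWS::S3::Bucket in the account.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example of an AWS Config Custom Policy rule

Resources:
  S3PublicAccessBlockRule:                      # hypothetical logical ID
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: s3-bucket-public-access-blocked   # hypothetical rule name
      Description: Flags S3 buckets whose public access block is not fully enabled.
      Scope:
        ComplianceResourceTypes:
          - AWS::S3::Bucket
      Source:
        # CUSTOM_POLICY selects a Guard-based rule; no Lambda function is involved.
        Owner: CUSTOM_POLICY
        SourceDetails:
          # Evaluate whenever Config records a change to an in-scope resource.
          - EventSource: aws.config
            MessageType: ConfigurationItemChangeNotification
          - EventSource: aws.config
            MessageType: OversizedConfigurationItemChangeNotification
        CustomPolicyDetails:
          # Must match the documented pattern guard\-2\.x\.x
          PolicyRuntime: guard-2.x.x
          # Default is false; switch on only while troubleshooting the policy.
          EnableDebugLogDelivery: false
          # Guard policy, limited to 10000 characters.
          # Field paths below are assumed from the S3 configuration item schema.
          PolicyText: |
            rule s3_public_access_blocked when resourceType == "AWS::S3::Bucket" {
              let pab = supplementaryConfiguration.PublicAccessBlockConfiguration
              %pab.blockPublicAcls == true
              %pab.ignorePublicAcls == true
              %pab.blockPublicPolicy == true
              %pab.restrictPublicBuckets == true
            }
```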