aws-cdk-lib.aws_config.CfnConfigRuleProps

interface CfnConfigRuleProps

LanguageType name
.NETAmazon.CDK.AWS.Config.CfnConfigRuleProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsconfig#CfnConfigRuleProps
Javasoftware.amazon.awscdk.services.config.CfnConfigRuleProps
Pythonaws_cdk.aws_config.CfnConfigRuleProps
TypeScript aws-cdk-lib » aws_config » CfnConfigRuleProps

Properties for defining a CfnConfigRule.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_config as config } from 'aws-cdk-lib';

declare const inputParameters: any;
const cfnConfigRuleProps: config.CfnConfigRuleProps = {
  source: {
    owner: 'owner',

    // the properties below are optional
    customPolicyDetails: {
      enableDebugLogDelivery: false,
      policyRuntime: 'policyRuntime',
      policyText: 'policyText',
    },
    sourceDetails: [{
      eventSource: 'eventSource',
      messageType: 'messageType',

      // the properties below are optional
      maximumExecutionFrequency: 'maximumExecutionFrequency',
    }],
    sourceIdentifier: 'sourceIdentifier',
  },

  // the properties below are optional
  configRuleName: 'configRuleName',
  description: 'description',
  inputParameters: inputParameters,
  maximumExecutionFrequency: 'maximumExecutionFrequency',
  scope: {
    complianceResourceId: 'complianceResourceId',
    complianceResourceTypes: ['complianceResourceTypes'],
    tagKey: 'tagKey',
    tagValue: 'tagValue',
  },
};

Properties

NameTypeDescription
sourceIResolvable | SourcePropertyProvides the rule owner ( AWS for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
configRuleName?stringA name for the AWS Config rule.
description?stringThe description that you provide for the AWS Config rule.
inputParameters?anyA string, in JSON format, that is passed to the AWS Config rule Lambda function.
maximumExecutionFrequency?stringThe maximum frequency with which AWS Config runs evaluations for a rule.
scope?IResolvable | ScopePropertyDefines which resources can trigger an evaluation for the rule.

source

Type: IResolvable | SourceProperty

Provides the rule owner ( AWS for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.


configRuleName?

Type: string (optional)

A name for the AWS Config rule.

If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see Name Type .


description?

Type: string (optional)

The description that you provide for the AWS Config rule.


inputParameters?

Type: any (optional)

A string, in JSON format, that is passed to the AWS Config rule Lambda function.


maximumExecutionFrequency?

Type: string (optional)

The maximum frequency with which AWS Config runs evaluations for a rule.

You can specify a value for MaximumExecutionFrequency when:

  • You are using an AWS managed rule that is triggered at a periodic frequency.
  • Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties .

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.


scope?

Type: IResolvable | ScopeProperty (optional)

Defines which resources can trigger an evaluation for the rule.

The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.

The scope can be empty.