If you have configured rules, Cloud Config evaluates your resources according to the rules at regular intervals or when resources change. If a resource is evaluated as non-compliant, Cloud Config will send a notification to you in a timely manner.
The following table describes the parameters for resource non-compliance events.
| Parameter | Description |
|---|---|
"eventName": "NonCompliant" |
The name of the resource non-compliance event. |
"eventType": "ResourceCompliance" |
The type of the resource non-compliance event. |
"annotation" |
The description of the non-compliant configurations. |
riskLevel |
The risk level of the resource that is not compliant with rules. Valid values:
|
"evaluationResultIdentifier" |
The core information of the compliance evaluation result, indicating the specific non-compliant resource and the rules with which the resource is not compliant. |
Example:
{
"annotation": "Not encrypt disk.",
"accountId": 120886317861****,
"riskLevel": Critical,
"resultRecordedTimestamp": 1582083811720,
"eventName": "NonCompliant",
"evaluationResultIdentifier": {
"orderingTimestamp": 1582083811463,
"evaluationResultQualifier": {
"resourceId": "d-2ze3ex7yeuxoc7wd****",
"configRuleName": "level3_protection-ecs-disk-encrypted-4765b7",
"configRuleArn": "acs:config::193238204364****:config-rule/cr-aee2c1481852004765bc",
"configRuleId": "cr-aee2c1481852004765bc",
"resourceType": "ACS::ECS::Disk"
}
},
"eventType": "ResourceCompliance",
"invokingEventMessageType": "ScheduledNotification",
"configRuleInvokedTimestamp": 1582083811463,
"notificationCreationTime": 1582172396177,
"complianceType": "NON_COMPLIANT"
}