ALIYUN::Config::Rule is used to create or modify a rule.
Syntax
{
"Type": "ALIYUN::Config::Rule",
"Properties": {
"TagKeyScope": String,
"TagValueScope": String,
"Description": String,
"ExcludeResourceIdsScope": String,
"SourceOwner": String,
"SourceIdentifier": String,
"MaximumExecutionFrequency": String,
"RegionIdsScope": String,
"ConfigRuleTriggerTypes": String,
"ResourceGroupIdsScope": String,
"RiskLevel": Integer,
"ResourceTypesScope": List,
"RuleName": String,
"InputParameters": Map,
"TagKeyLogicScope": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
TagKeyScope | String | No | Yes | The tag key of the rule. | This property takes effect when SourceOwner is set to ALIYUN. |
TagValueScope | String | No | Yes | The tag value of the rule. | This property takes effect when SourceOwner is set to ALIYUN. |
Description | String | No | Yes | The description of the rule. | None. |
ExcludeResourceIdsScope | String | No | Yes | The IDs of the resources that are excluded by the rule. | Separate multiple resource IDs with commas (,). This property takes effect when SourceOwner is set to ALIYUN. |
SourceOwner | String | Yes | No | The method based on which the rule is created. | Valid values:
|
SourceIdentifier | String | Yes | No | The identifier of the rule or the Alibaba Cloud Resource Name (ARN) of the function. | This property specifies the identifier of the rule when SourceOwner is set to ALIYUN. A value of ALIYUN specifies a managed rule of Alibaba Cloud. This property specifies the ARN of the function when SourceOwner is set to CUSTOM_FC. A value of CUSTOM_FC specifies a custom function. |
MaximumExecutionFrequency | String | No | Yes | The interval at which the rule is executed. | Valid values:
|
RegionIdsScope | String | No | Yes | The region IDs of the rule. | Separate multiple region IDs with commas (,). This property takes effect when SourceOwner is set to ALIYUN. |
ConfigRuleTriggerTypes | String | Yes | Yes | The trigger types of the rule. | Valid values:
|
ResourceGroupIdsScope | String | No | Yes | The resource group IDs of the rule. | Separate multiple resource group IDs with commas (,). This property takes effect when SourceOwner is set to ALIYUN. |
RiskLevel | Integer | Yes | Yes | The risk level of the rule. | Valid values:
|
ResourceTypesScope | List | Yes | Yes | The types of the resources that are evaluated based on the rule. | None. |
RuleName | String | Yes | No | The name of the rule. | None. |
InputParameters | Map | No | Yes | The input parameters of the rule. | Example: |
TagKeyLogicScope | String | No | No | The logical relationship between the tag keys of the rule. | None. |
Return values
Fn::GetAtt
TagKeyScope: the tag key of the rule.
TagValueScope: the tag value of the rule.
Description: the description of the rule.
ExcludeResourceIdsScope: the IDs of the resources that are excluded by the rule.
SourceOwner: the method based on which the rule is created.
SourceIdentifier: the identifier of the rule.
MaximumExecutionFrequency: the interval at which the rule is executed.
ConfigRuleId: the rule ID.
EventSource: the source of the event.
RegionIdsScope: the region IDs of the rule.
ConfigRuleArn: the ARN of the rule.
ConfigRuleTriggerTypes: the trigger types of the rule.
ResourceGroupIdsScope: the resource group IDs of the rule.
RiskLevel: the risk level of the rule.
ResourceTypesScope: the types of the resources that are evaluated based on the rule.
RuleName: the name of the rule.
InputParameters: the input parameters of the rule.