Source
import type { Source } from "https://aws-api.deno.dev/v0.4/services/configservice.ts?docs=full";
Provides the CustomPolicyDetails, the rule owner (Amazon Web Services
for managed rules, CUSTOM_POLICY
for Custom Policy rules, and CUSTOM_LAMBDA
for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your Amazon Web Services resources.
§Properties
Provides the runtime system, policy definition, and whether debug logging is enabled.
Required when owner is set to CUSTOM_POLICY
.
Indicates whether Amazon Web Services or the customer owns and manages the Config rule.
Config Managed Rules are predefined rules owned by Amazon Web Services. For more information, see Config Managed Rules in the Config developer guide.
Config Custom Rules are rules that you can develop either with Guard (CUSTOM_POLICY
) or Lambda (CUSTOM_LAMBDA
).
For more information, see Config Custom Rules in the Config developer guide.
Provides the source and the message types that cause Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.
If the owner is set to CUSTOM_POLICY
, the only acceptable values for the Config rule trigger message type are ConfigurationItemChangeNotification
and OversizedConfigurationItemChangeNotification
.
For Config Managed rules, a predefined identifier from a list.
For example, IAM_PASSWORD_POLICY
is a managed rule.
To reference a managed rule, see List of Config Managed Rules.
For Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's Lambda function, such as arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name
.
For Config Custom Policy rules, this field will be ignored.