interface SourceProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Config.CfnConfigRule.SourceProperty |
 Java | software.amazon.awscdk.services.config.CfnConfigRule.SourceProperty |
 Python | aws_cdk.aws_config.CfnConfigRule.SourceProperty |
 TypeScript | @aws-cdk/aws-config » CfnConfigRule » SourceProperty |
Provides the CustomPolicyDetails, the rule owner ( AWS for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as config from '@aws-cdk/aws-config';
const sourceProperty: config.CfnConfigRule.SourceProperty = {
owner: 'owner',
// the properties below are optional
customPolicyDetails: {
enableDebugLogDelivery: false,
policyRuntime: 'policyRuntime',
policyText: 'policyText',
},
sourceDetails: [{
eventSource: 'eventSource',
messageType: 'messageType',
// the properties below are optional
maximumExecutionFrequency: 'maximumExecutionFrequency',
}],
sourceIdentifier: 'sourceIdentifier',
};
Properties
| Name | Type | Description |
|---|---|---|
| owner | string | Indicates whether AWS or the customer owns and manages the AWS Config rule. |
| custom | IResolvable | Custom | Provides the runtime system, policy definition, and whether debug logging is enabled. |
| source | IResolvable | IResolvable | Source[] | Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. |
| source | string | For AWS Config Managed rules, a predefined identifier from a list. |
owner
Type:
string
Indicates whether AWS or the customer owns and manages the AWS Config rule.
AWS Config Managed Rules are predefined rules owned by AWS . For more information, see AWS Config Managed Rules in the AWS Config developer guide .
AWS Config Custom Rules are rules that you can develop either with Guard ( CUSTOM_POLICY ) or AWS Lambda ( CUSTOM_LAMBDA ). For more information, see AWS Config Custom Rules in the AWS Config developer guide .
customPolicyDetails?
Type:
IResolvable | Custom
(optional)
Provides the runtime system, policy definition, and whether debug logging is enabled.
Required when owner is set to CUSTOM_POLICY .
sourceDetails?
Type:
IResolvable | IResolvable | Source[]
(optional)
Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule.
It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.
If the owner is set to CUSTOM_POLICY , the only acceptable values for the AWS Config rule trigger message type are ConfigurationItemChangeNotification and OversizedConfigurationItemChangeNotification .
sourceIdentifier?
Type:
string
(optional)
For AWS Config Managed rules, a predefined identifier from a list.
For example, IAM_PASSWORD_POLICY is a managed rule. To reference a managed rule, see List of AWS Config Managed Rules .
For AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name .
For AWS Config Custom Policy rules, this field will be ignored.