interface CustomRuleProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Config.CustomRuleProps |
 Java | software.amazon.awscdk.services.config.CustomRuleProps |
 Python | aws_cdk.aws_config.CustomRuleProps |
 TypeScript (source) | @aws-cdk/aws-config » CustomRuleProps |
Construction properties for a CustomRule.
Example
// Lambda function containing logic that evaluates compliance with the rule.
const evalComplianceFn = new lambda.Function(this, 'CustomFunction', {
code: lambda.AssetCode.fromInline('exports.handler = (event) => console.log(event);'),
handler: 'index.handler',
runtime: lambda.Runtime.NODEJS_14_X,
});
// A custom rule that runs on configuration changes of EC2 instances
const customRule = new config.CustomRule(this, 'Custom', {
configurationChanges: true,
lambdaFunction: evalComplianceFn,
ruleScope: config.RuleScope.fromResource(config.ResourceType.EC2_INSTANCE),
});
// A rule to detect stack drifts
const driftRule = new config.CloudFormationStackDriftDetectionCheck(this, 'Drift');
// Topic to which compliance notification events will be published
const complianceTopic = new sns.Topic(this, 'ComplianceTopic');
// Send notification on compliance change events
driftRule.onComplianceChange('ComplianceChange', {
target: new targets.SnsTopic(complianceTopic),
});
Properties
| Name | Type | Description |
|---|---|---|
| lambda | IFunction | The Lambda function to run. |
| config | string | A name for the AWS Config rule. |
| configuration | boolean | Whether to run the rule on configuration changes. |
| description? | string | A description about this AWS Config rule. |
| input | { [string]: any } | Input parameter values that are passed to the AWS Config rule. |
| maximum | Maximum | The maximum frequency at which the AWS Config rule runs evaluations. |
| periodic? | boolean | Whether to run the rule on a fixed frequency. |
| rule | Rule | Defines which resources trigger an evaluation for an AWS Config rule. |
lambdaFunction
Type:
IFunction
The Lambda function to run.
configRuleName?
Type:
string
(optional, default: CloudFormation generated name)
A name for the AWS Config rule.
configurationChanges?
Type:
boolean
(optional, default: false)
Whether to run the rule on configuration changes.
description?
Type:
string
(optional, default: No description)
A description about this AWS Config rule.
inputParameters?
Type:
{ [string]: any }
(optional, default: No input parameters)
Input parameter values that are passed to the AWS Config rule.
maximumExecutionFrequency?
Type:
Maximum
(optional, default: MaximumExecutionFrequency.TWENTY_FOUR_HOURS)
The maximum frequency at which the AWS Config rule runs evaluations.
periodic?
Type:
boolean
(optional, default: false)
Whether to run the rule on a fixed frequency.
ruleScope?
Type:
Rule
(optional, default: evaluations for the rule are triggered when any resource in the recording group changes.)
Defines which resources trigger an evaluation for an AWS Config rule.