CustomRuleProps

class aws_cdk.aws_config.CustomRuleProps(*, config_rule_name=None, description=None, input_parameters=None, maximum_execution_frequency=None, rule_scope=None, lambda_function, configuration_changes=None, periodic=None)

Bases: RuleProps

Construction properties for a CustomRule.

Parameters:
  • config_rule_name (Optional[str]) – A name for the AWS Config rule. Default: CloudFormation generated name

  • description (Optional[str]) – A description of this AWS Config rule. Default: No description

  • input_parameters (Optional[Mapping[str, Any]]) – Input parameter values that are passed to the AWS Config rule. Default: No input parameters

  • maximum_execution_frequency (Optional[MaximumExecutionFrequency]) – The maximum frequency at which the AWS Config rule runs evaluations. Default: MaximumExecutionFrequency.TWENTY_FOUR_HOURS

  • rule_scope (Optional[RuleScope]) – Defines which resources trigger an evaluation for an AWS Config rule. Default: Evaluations for the rule are triggered when any resource in the recording group changes.

  • lambda_function (IFunction) – The Lambda function to run.

  • configuration_changes (Optional[bool]) – Whether to run the rule on configuration changes. Default: false

  • periodic (Optional[bool]) – Whether to run the rule on a fixed frequency. Default: false

Example:

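from aws_cdk import (
    aws_config as config,
    aws_events_targets as targets,
    aws_lambda as lambda_,
    aws_sns as sns,
)

# `self` below is the enclosing construct, for example a Stack.

# Lambda function containing logic that evaluates compliance with the rule.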
eval_compliance_fn = lambda_.Function(self, "CustomFunction",
    code=lambda_.AssetCode.from_inline("exports.handler = (event) => console.log(event);"),
    handler="index.handler",
    runtime=lambda_.Runtime.NODEJS_14_X
)

# A custom rule that runs on configuration changes of EC2 instances
custom_rule = config.CustomRule(self, "Custom",
    configuration_changes=True,
    lambda_function=eval_compliance_fn,
    rule_scope=config.RuleScope.from_resource(config.ResourceType.EC2_INSTANCE)
)

# A rule to detect stack drifts
drift_rule = config.CloudFormationStackDriftDetectionCheck(self, "Drift")

# Topic to which compliance notification events will be published
compliance_topic = sns.Topic(self, "ComplianceTopic")

# Send notification on compliance change events
drift_rule.on_compliance_change("ComplianceChange",
    target=targets.SnsTopic(compliance_topic)
)
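The inline handler in the example above only logs the event, so the rule never reports a result. The following is an added sketch, not part of the CDK documentation, of a Python handler for a `configuration_changes=True` rule scoped to EC2 instances. It assumes the rule is created with `input_parameters={"desiredInstanceType": "t3.micro"}` (a hypothetical parameter name), that the function runs on a Python Lambda runtime, and it uses a constructed sample event.

```python
import json

RESOURCE_TYPE = "AWS::EC2::Instance"  # same type as the rule_scope in the example above
GONE = {"ResourceDeleted", "ResourceDeletedNotRecorded", "ResourceNotRecorded"}

def evaluate(event):
    """Build the PutEvaluations entry for one configuration-change invocation."""
    invoking = json.loads(event["invokingEvent"])
    # A periodic=True rule is invoked with ScheduledNotification and no configurationItem.
    if invoking.get("messageType") != "ConfigurationItemChangeNotification":
        raise ValueError("unsupported messageType %r" % invoking.get("messageType"))
    # input_parameters reach the function as a JSON string in ruleParameters.
    params = json.loads(event.get("ruleParameters") or "{}")
    allowed = params.get("desiredInstanceType")  # hypothetical parameter name (assumption)
    if not allowed:
        # Fail loudly: a rule deployed without its parameter must not report COMPLIANT.
        raise ValueError("rule parameter desiredInstanceType is missing")
    item = invoking["configurationItem"]
    if (event.get("eventLeftScope") or item["configurationItemStatus"] in GONE
            or item["resourceType"] != RESOURCE_TYPE):
        compliance, note = "NOT_APPLICABLE", "Resource deleted or out of scope."
    elif item["configuration"].get("instanceType") == allowed:
        compliance, note = "COMPLIANT", "Instance type matches %s." % allowed
    else:
        compliance, note = "NON_COMPLIANT", "Instance type is not %s." % allowed
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": note,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }

def handler(event, context, client=None):
    """Lambda entry point; `client` is injectable so the logic can be tested offline."""
    if client is None:
        import boto3  # provided by the Lambda Python runtime
        client = boto3.client("config")
    evaluation = evaluate(event)
    client.put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation

def sample_event(instance_type, status="OK", params='{"desiredInstanceType": "t3.micro"}'):
    """Constructed invocation event for illustration; not captured from a real account."""
    item = {"resourceType": RESOURCE_TYPE, "resourceId": "i-0123456789abcdef0",
            "configurationItemStatus": status, "configuration": {"instanceType": instance_type},
            "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z"}
    invoking = {"messageType": "ConfigurationItemChangeNotification", "configurationItem": item}
    return {"invokingEvent": json.dumps(invoking), "ruleParameters": params,
            "resultToken": "constructed-token", "eventLeftScope": False}
```

The function's execution role needs permission to call `config:PutEvaluations`, otherwise the rule stays without results even though the Lambda runs.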

Attributes

config_rule_name

A name for the AWS Config rule.

Default:
  • CloudFormation generated name

configuration_changes

Whether to run the rule on configuration changes.

Default:

false

description

A description of this AWS Config rule.

Default:
  • No description

input_parameters

Input parameter values that are passed to the AWS Config rule.

Default:
  • No input parameters

lambda_function

The Lambda function to run.

maximum_execution_frequency

The maximum frequency at which the AWS Config rule runs evaluations.

Default:

MaximumExecutionFrequency.TWENTY_FOUR_HOURS

periodic

Whether to run the rule on a fixed frequency.

Default:

false

rule_scope

Defines which resources trigger an evaluation for an AWS Config rule.

Default:
  • Evaluations for the rule are triggered when any resource in the recording group changes.