CfnOrganizationConfigRuleProps

class aws_cdk.aws_config.CfnOrganizationConfigRuleProps(*, organization_config_rule_name, excluded_accounts=None, organization_custom_policy_rule_metadata=None, organization_custom_rule_metadata=None, organization_managed_rule_metadata=None)

Bases: object

Properties for defining a CfnOrganizationConfigRule.

Parameters:
  • organization_config_rule_name (str) – The name that you assign to the organization AWS Config rule.

  • excluded_accounts (Optional[Sequence[str]]) – A comma-separated list of accounts excluded from the organization AWS Config rule.

  • organization_custom_policy_rule_metadata (Union[IResolvable, OrganizationCustomPolicyRuleMetadataProperty, Dict[str, Any], None]) – An object that specifies metadata for your organization’s AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as the resource type, the resource ID of the AWS resource, and the organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.

  • organization_custom_rule_metadata (Union[IResolvable, OrganizationCustomRuleMetadataProperty, Dict[str, Any], None]) – An OrganizationCustomRuleMetadata object.

  • organization_managed_rule_metadata (Union[IResolvable, OrganizationManagedRuleMetadataProperty, Dict[str, Any], None]) – An OrganizationManagedRuleMetadata object.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_config as config

cfn_organization_config_rule_props = config.CfnOrganizationConfigRuleProps(
    organization_config_rule_name="organizationConfigRuleName",

    # the properties below are optional
    excluded_accounts=["excludedAccounts"],
    organization_custom_policy_rule_metadata=config.CfnOrganizationConfigRule.OrganizationCustomPolicyRuleMetadataProperty(
        policy_text="policyText",
        runtime="runtime",

        # the properties below are optional
        debug_log_delivery_accounts=["debugLogDeliveryAccounts"],
        description="description",
        input_parameters="inputParameters",
        maximum_execution_frequency="maximumExecutionFrequency",
        organization_config_rule_trigger_types=["organizationConfigRuleTriggerTypes"],
        resource_id_scope="resourceIdScope",
        resource_types_scope=["resourceTypesScope"],
        tag_key_scope="tagKeyScope",
        tag_value_scope="tagValueScope"
    ),
    organization_custom_rule_metadata=config.CfnOrganizationConfigRule.OrganizationCustomRuleMetadataProperty(
        lambda_function_arn="lambdaFunctionArn",
        organization_config_rule_trigger_types=["organizationConfigRuleTriggerTypes"],

        # the properties below are optional
        description="description",
        input_parameters="inputParameters",
        maximum_execution_frequency="maximumExecutionFrequency",
        resource_id_scope="resourceIdScope",
        resource_types_scope=["resourceTypesScope"],
        tag_key_scope="tagKeyScope",
        tag_value_scope="tagValueScope"
    ),
    organization_managed_rule_metadata=config.CfnOrganizationConfigRule.OrganizationManagedRuleMetadataProperty(
        rule_identifier="ruleIdentifier",

        # the properties below are optional
        description="description",
        input_parameters="inputParameters",
        maximum_execution_frequency="maximumExecutionFrequency",
        resource_id_scope="resourceIdScope",
        resource_types_scope=["resourceTypesScope"],
        tag_key_scope="tagKeyScope",
        tag_value_scope="tagValueScope"
    )
)
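
A more realistic use of these props, as an added example that is not part of the generated CDK documentation: one organization-wide managed rule, guarded by a check that rejects any excluded account not on a reviewed allow-list, since an excluded account is one the rule never evaluates. The helper names, rule name, account ID and allow-list are assumptions, as is the requirement that a rule carries exactly one of the three metadata blocks; `aws_cdk` is imported lazily so the checks run without it.

```python
import re
from typing import Any, Dict, Iterable, Optional

ACCOUNT_ID = re.compile(r"\d{12}")  # AWS account IDs are 12 digits
METADATA_KEYS = (  # the three rule kinds this props class can carry
    "organization_custom_policy_rule_metadata",
    "organization_custom_rule_metadata",
    "organization_managed_rule_metadata",
)


def checked_rule_kwargs(name: str, approved_exclusions: Iterable[str],
                        excluded_accounts: Optional[Iterable[str]] = None,
                        **metadata: Any) -> Dict[str, Any]:
    """Validate inputs and return kwargs for CfnOrganizationConfigRuleProps."""
    # A rule is managed, custom Lambda or custom policy: require exactly one block.
    chosen = [k for k in METADATA_KEYS if metadata.get(k) is not None]
    if len(chosen) != 1:
        raise ValueError(f"set exactly one metadata block, got {chosen}")
    excluded = list(excluded_accounts or [])
    malformed = [a for a in excluded if not ACCOUNT_ID.fullmatch(a)]
    if malformed:
        raise ValueError(f"not 12-digit account IDs: {malformed}")
    # Every exclusion is an account the rule never evaluates; allow reviewed ones only.
    unapproved = sorted(set(excluded) - set(approved_exclusions))
    if unapproved:
        raise ValueError(f"exclusions not on the approved list: {unapproved}")
    kwargs: Dict[str, Any] = {"organization_config_rule_name": name,
                              chosen[0]: metadata[chosen[0]]}
    if excluded:
        kwargs["excluded_accounts"] = excluded
    return kwargs


def build_props(**kwargs: Any):
    """Create the CDK props object; aws-cdk-lib is imported only here."""
    from aws_cdk import aws_config as config
    return config.CfnOrganizationConfigRuleProps(**kwargs)


# Constructed sample: rule name, account ID and allow-list are illustrative.
SAMPLE = checked_rule_kwargs(
    "org-s3-no-public-read",
    approved_exclusions={"111111111111"},
    excluded_accounts=["111111111111"],
    organization_managed_rule_metadata={  # dict form, as the signature allows
        "rule_identifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED",
        "resource_types_scope": ["AWS::S3::Bucket"]})
```

With aws-cdk-lib installed, `build_props(**SAMPLE)` yields the props object to pass to `CfnOrganizationConfigRule`.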

Attributes

excluded_accounts

A comma-separated list of accounts excluded from the organization AWS Config rule.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html#cfn-config-organizationconfigrule-excludedaccounts

organization_config_rule_name

The name that you assign to the organization AWS Config rule.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html#cfn-config-organizationconfigrule-organizationconfigrulename

organization_custom_policy_rule_metadata

An object that specifies metadata for your organization’s AWS Config Custom Policy rule.

The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as the resource type, the resource ID of the AWS resource, and the organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html#cfn-config-organizationconfigrule-organizationcustompolicyrulemetadata

organization_custom_rule_metadata

An OrganizationCustomRuleMetadata object.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html#cfn-config-organizationconfigrule-organizationcustomrulemetadata

organization_managed_rule_metadata

An OrganizationManagedRuleMetadata object.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-organizationconfigrule.html#cfn-config-organizationconfigrule-organizationmanagedrulemetadata