AWS::Config::ConfigRule CustomPolicyDetails
Provides the CustomPolicyDetails, the rule owner (
AWS
for managed rules, CUSTOM_POLICY
for Custom Policy rules, and CUSTOM_LAMBDA
for Custom Lambda rules), the rule
identifier, and the events that cause the evaluation of your AWS
resources.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "EnableDebugLogDelivery" :
Boolean
, "PolicyRuntime" :String
, "PolicyText" :String
}
YAML
EnableDebugLogDelivery:
Boolean
PolicyRuntime:String
PolicyText:String
Properties
EnableDebugLogDelivery
-
The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is
false
.Required: No
Type: Boolean
Update requires: No interruption
PolicyRuntime
-
The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the Guard GitHub Repository
. Required: No
Type: String
Pattern:
guard\-2\.x\.x
Minimum:
1
Maximum:
64
Update requires: No interruption
PolicyText
-
The policy definition containing the logic for your AWS Config Custom Policy rule.
Required: No
Type: String
Minimum:
0
Maximum:
10000
Update requires: No interruption