文档 AWS SDK 示例 GitHub 存储库中还有更多 [S AWS DK 示例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# AWS Config 使用适用于 Python 的 SDK (Boto3) 的示例
以下代码示例向您展示了如何使用with来执行操作和实现常见场景 AWS Config。 适用于 Python (Boto3) 的 AWS SDK
*操作*是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。
每个示例都包含一个指向完整源代码的链接,您可以从中找到有关如何在上下文中设置和运行代码的说明。
**Topics**
+ [操作](#actions)
## 操作
### `DeleteConfigRule`
以下代码示例演示了如何使用 `DeleteConfigRule`。
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/config#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ConfigWrapper:
"""
Encapsulates AWS Config functions.
"""
def __init__(self, config_client):
"""
:param config_client: A Boto3 AWS Config client.
"""
self.config_client = config_client
def delete_config_rule(self, rule_name):
"""
Delete the specified rule.
:param rule_name: The name of the rule to delete.
"""
try:
self.config_client.delete_config_rule(ConfigRuleName=rule_name)
logger.info("Deleted rule %s.", rule_name)
except ClientError:
logger.exception("Couldn't delete rule %s.", rule_name)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteConfigRule](https://docs.aws.amazon.com/goto/boto3/config-2014-11-12/DeleteConfigRule)于 *Python 的AWS SDK (Boto3) API 参考*。
### `DescribeConfigRules`
以下代码示例演示了如何使用 `DescribeConfigRules`。
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/config#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ConfigWrapper:
"""
Encapsulates AWS Config functions.
"""
def __init__(self, config_client):
"""
:param config_client: A Boto3 AWS Config client.
"""
self.config_client = config_client
def describe_config_rule(self, rule_name):
"""
Gets data for the specified rule.
:param rule_name: The name of the rule to retrieve.
:return: The rule data.
"""
try:
response = self.config_client.describe_config_rules(
ConfigRuleNames=[rule_name]
)
rule = response["ConfigRules"]
logger.info("Got data for rule %s.", rule_name)
except ClientError:
logger.exception("Couldn't get data for rule %s.", rule_name)
raise
else:
return rule
```
+ 有关 API 的详细信息,请参阅适用[DescribeConfigRules](https://docs.aws.amazon.com/goto/boto3/config-2014-11-12/DescribeConfigRules)于 *Python 的AWS SDK (Boto3) API 参考*。
### `PutConfigRule`
以下代码示例演示了如何使用 `PutConfigRule`。
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/config#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ConfigWrapper:
"""
Encapsulates AWS Config functions.
"""
def __init__(self, config_client):
"""
:param config_client: A Boto3 AWS Config client.
"""
self.config_client = config_client
def put_config_rule(self, rule_name):
"""
Sets a configuration rule that prohibits making Amazon S3 buckets publicly
readable.
:param rule_name: The name to give the rule.
"""
try:
self.config_client.put_config_rule(
ConfigRule={
"ConfigRuleName": rule_name,
"Description": "S3 Public Read Prohibited Bucket Rule",
"Scope": {
"ComplianceResourceTypes": [
"AWS::S3::Bucket",
],
},
"Source": {
"Owner": "AWS",
"SourceIdentifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED",
},
"InputParameters": "{}",
"ConfigRuleState": "ACTIVE",
}
)
logger.info("Created configuration rule %s.", rule_name)
except ClientError:
logger.exception("Couldn't create configuration rule %s.", rule_name)
raise
```
+ 有关 API 的详细信息,请参阅适用[PutConfigRule](https://docs.aws.amazon.com/goto/boto3/config-2014-11-12/PutConfigRule)于 *Python 的AWS SDK (Boto3) API 参考*。