CfnGuardHookPropsMixin

class aws_cdk.mixins_preview.aws_cloudformation.mixins.CfnGuardHookPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::CloudFormation::GuardHook resource creates and activates a Guard Hook.

Using the Guard domain specific language (DSL), you can author Guard Hooks to evaluate your resources before allowing stack operations.

For more information, see Guard Hooks in the CloudFormation Hooks User Guide .

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-guardhook.html
CloudformationResource:: AWS::CloudFormation::GuardHook
Mixin:: true
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

cfn_guard_hook_props_mixin = cloudformation_mixins.CfnGuardHookPropsMixin(cloudformation_mixins.CfnGuardHookMixinProps(
    alias="alias",
    execution_role="executionRole",
    failure_mode="failureMode",
    hook_status="hookStatus",
    log_bucket="logBucket",
    options=cloudformation_mixins.CfnGuardHookPropsMixin.OptionsProperty(
        input_params=cloudformation_mixins.CfnGuardHookPropsMixin.S3LocationProperty(
            uri="uri",
            version_id="versionId"
        )
    ),
    rule_location=cloudformation_mixins.CfnGuardHookPropsMixin.S3LocationProperty(
        uri="uri",
        version_id="versionId"
    ),
    stack_filters=cloudformation_mixins.CfnGuardHookPropsMixin.StackFiltersProperty(
        filtering_criteria="filteringCriteria",
        stack_names=cloudformation_mixins.CfnGuardHookPropsMixin.StackNamesProperty(
            exclude=["exclude"],
            include=["include"]
        ),
        stack_roles=cloudformation_mixins.CfnGuardHookPropsMixin.StackRolesProperty(
            exclude=["exclude"],
            include=["include"]
        )
    ),
    target_filters=cloudformation_mixins.CfnGuardHookPropsMixin.TargetFiltersProperty(
        actions=["actions"],
        invocation_points=["invocationPoints"],
        target_names=["targetNames"],
        targets=[cloudformation_mixins.CfnGuardHookPropsMixin.HookTargetProperty(
            action="action",
            invocation_point="invocationPoint",
            target_name="targetName"
        )]
    ),
    target_operations=["targetOperations"]
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::CloudFormation::GuardHook.

Parameters:

props (Union[CfnGuardHookMixinProps, Dict[str, Any]]) – L1 properties to apply.
strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:: construct (IConstruct)
Return type:: IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:: construct (IConstruct)
Return type:: bool

Attributes

CFN_PROPERTY_KEYS = ['alias', 'executionRole', 'failureMode', 'hookStatus', 'logBucket', 'options', 'ruleLocation', 'stackFilters', 'targetFilters', 'targetOperations']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:: x (Any) – Any object.
Return type:: bool
Returns:: true if x is an object created from a class which extends Mixin.
Stability:: experimental

HookTargetProperty

class CfnGuardHookPropsMixin.HookTargetProperty(*, action=None, invocation_point=None, target_name=None)

Bases: object

Hook targets are the destination where hooks will be invoked against.

Parameters:

action (Optional[str]) – Target actions are the type of operation hooks will be executed at.
invocation_point (Optional[str]) – Invocation points are the point in provisioning workflow where hooks will be executed.
target_name (Optional[str]) – Type name of hook target. Hook targets are the destination where hooks will be invoked against.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-hooktarget.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

hook_target_property = cloudformation_mixins.CfnGuardHookPropsMixin.HookTargetProperty(
    action="action",
    invocation_point="invocationPoint",
    target_name="targetName"
)

Attributes

action

Target actions are the type of operation hooks will be executed at.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-hooktarget.html#cfn-cloudformation-guardhook-hooktarget-action

invocation_point

Invocation points are the point in provisioning workflow where hooks will be executed.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-hooktarget.html#cfn-cloudformation-guardhook-hooktarget-invocationpoint

target_name

Type name of hook target.

Hook targets are the destination where hooks will be invoked against.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-hooktarget.html#cfn-cloudformation-guardhook-hooktarget-targetname

OptionsProperty

class CfnGuardHookPropsMixin.OptionsProperty(*, input_params=None)

Bases: object

Specifies the input parameters for a Guard Hook.

Parameters:: input_params (Union[IResolvable, S3LocationProperty, Dict[str, Any], None]) – Specifies the S3 location where your input parameters are located.
See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-options.html
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

options_property = cloudformation_mixins.CfnGuardHookPropsMixin.OptionsProperty(
    input_params=cloudformation_mixins.CfnGuardHookPropsMixin.S3LocationProperty(
        uri="uri",
        version_id="versionId"
    )
)

Attributes

input_params

Specifies the S3 location where your input parameters are located.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-options.html#cfn-cloudformation-guardhook-options-inputparams

S3LocationProperty

class CfnGuardHookPropsMixin.S3LocationProperty(*, uri=None, version_id=None)

Bases: object

Specifies the S3 location where your Guard rules or input parameters are located.

Parameters:

uri (Optional[str]) – Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form s3://<bucket name>/<file name> ). For Guard rules, the object stored in S3 must have one of the following file extensions: .guard , .zip , or .tar.gz . For input parameters, the object stored in S3 must have one of the following file extensions: .yaml , .json , .zip , or .tar.gz .
version_id (Optional[str]) – For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from. The Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-s3location.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

s3_location_property = cloudformation_mixins.CfnGuardHookPropsMixin.S3LocationProperty(
    uri="uri",
    version_id="versionId"
)

Attributes

uri

Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form s3://<bucket name>/<file name> ).

For Guard rules, the object stored in S3 must have one of the following file extensions: .guard , .zip , or .tar.gz .

For input parameters, the object stored in S3 must have one of the following file extensions: .yaml , .json , .zip , or .tar.gz .

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-s3location.html#cfn-cloudformation-guardhook-s3location-uri

version_id

For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.

The Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-s3location.html#cfn-cloudformation-guardhook-s3location-versionid

StackFiltersProperty

class CfnGuardHookPropsMixin.StackFiltersProperty(*, filtering_criteria=None, stack_names=None, stack_roles=None)

Bases: object

The StackFilters property type specifies stack level filters for a Hook.

The StackNames or StackRoles properties are optional. However, you must specify at least one of these properties.

For more information, see CloudFormation Hooks stack level filters .

Parameters:

filtering_criteria (Optional[str]) – The filtering criteria. - All stack names and stack roles ( All ): The Hook will only be invoked when all specified filters match. - Any stack names and stack roles ( Any ): The Hook will be invoked if at least one of the specified filters match. Default: - “ALL”
stack_names (Union[IResolvable, StackNamesProperty, Dict[str, Any], None]) – Includes or excludes specific stacks from Hook invocations.
stack_roles (Union[IResolvable, StackRolesProperty, Dict[str, Any], None]) – Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackfilters.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

stack_filters_property = cloudformation_mixins.CfnGuardHookPropsMixin.StackFiltersProperty(
    filtering_criteria="filteringCriteria",
    stack_names=cloudformation_mixins.CfnGuardHookPropsMixin.StackNamesProperty(
        exclude=["exclude"],
        include=["include"]
    ),
    stack_roles=cloudformation_mixins.CfnGuardHookPropsMixin.StackRolesProperty(
        exclude=["exclude"],
        include=["include"]
    )
)

Attributes

filtering_criteria

The filtering criteria.

All stack names and stack roles ( All ): The Hook will only be invoked when all specified filters match.
Any stack names and stack roles ( Any ): The Hook will be invoked if at least one of the specified filters match.

Default:

“ALL”

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackfilters.html#cfn-cloudformation-guardhook-stackfilters-filteringcriteria

stack_names

Includes or excludes specific stacks from Hook invocations.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackfilters.html#cfn-cloudformation-guardhook-stackfilters-stacknames

stack_roles

Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackfilters.html#cfn-cloudformation-guardhook-stackfilters-stackroles

StackNamesProperty

class CfnGuardHookPropsMixin.StackNamesProperty(*, exclude=None, include=None)

Bases: object

Specifies the stack names for the StackFilters property type to include or exclude specific stacks from Hook invocations.

For more information, see CloudFormation Hooks stack level filters .

Parameters:

exclude (Optional[Sequence[str]]) – The stack names to exclude. All stacks except those listed here will invoke the Hook.
include (Optional[Sequence[str]]) – The stack names to include. Only the stacks specified in this list will invoke the Hook.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stacknames.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

stack_names_property = cloudformation_mixins.CfnGuardHookPropsMixin.StackNamesProperty(
    exclude=["exclude"],
    include=["include"]
)

Attributes

exclude

The stack names to exclude.

All stacks except those listed here will invoke the Hook.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stacknames.html#cfn-cloudformation-guardhook-stacknames-exclude

include

The stack names to include.

Only the stacks specified in this list will invoke the Hook.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stacknames.html#cfn-cloudformation-guardhook-stacknames-include

StackRolesProperty

class CfnGuardHookPropsMixin.StackRolesProperty(*, exclude=None, include=None)

Bases: object

Specifies the stack roles for the StackFilters property type to include or exclude specific stacks from Hook invocations based on their associated IAM roles.

For more information, see CloudFormation Hooks stack level filters .

Parameters:

exclude (Optional[Sequence[str]]) – The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.
include (Optional[Sequence[str]]) – The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackroles.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

stack_roles_property = cloudformation_mixins.CfnGuardHookPropsMixin.StackRolesProperty(
    exclude=["exclude"],
    include=["include"]
)

Attributes

exclude

The IAM role ARNs for stacks you want to exclude.

The Hook will be invoked on all stacks except those initiated by the specified roles.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackroles.html#cfn-cloudformation-guardhook-stackroles-exclude

include

The IAM role ARNs to target stacks associated with these roles.

Only stack operations initiated by these roles will invoke the Hook.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-stackroles.html#cfn-cloudformation-guardhook-stackroles-include

TargetFiltersProperty

class CfnGuardHookPropsMixin.TargetFiltersProperty(*, actions=None, invocation_points=None, target_names=None, targets=None)

Bases: object

The TargetFilters property type specifies the target filters for the Hook.

For more information, see CloudFormation Hook target filters .

Parameters:

actions (Optional[Sequence[str]]) – List of actions that the hook is going to target.
invocation_points (Optional[Sequence[str]]) – List of invocation points that the hook is going to target.
target_names (Optional[Sequence[str]]) – List of type names that the hook is going to target.
targets (Union[IResolvable, Sequence[Union[IResolvable, HookTargetProperty, Dict[str, Any]]], None]) – List of hook targets.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-targetfilters.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cloudformation import mixins as cloudformation_mixins

target_filters_property = cloudformation_mixins.CfnGuardHookPropsMixin.TargetFiltersProperty(
    actions=["actions"],
    invocation_points=["invocationPoints"],
    target_names=["targetNames"],
    targets=[cloudformation_mixins.CfnGuardHookPropsMixin.HookTargetProperty(
        action="action",
        invocation_point="invocationPoint",
        target_name="targetName"
    )]
)

Attributes

actions

List of actions that the hook is going to target.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-targetfilters.html#cfn-cloudformation-guardhook-targetfilters-actions

invocation_points

List of invocation points that the hook is going to target.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-targetfilters.html#cfn-cloudformation-guardhook-targetfilters-invocationpoints

target_names

List of type names that the hook is going to target.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-targetfilters.html#cfn-cloudformation-guardhook-targetfilters-targetnames

targets

List of hook targets.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-guardhook-targetfilters.html#cfn-cloudformation-guardhook-targetfilters-targets