CfnAllowListPropsMixin
- class aws_cdk.mixins_preview.aws_macie.mixins.CfnAllowListPropsMixin(props, *, strategy=None)
Bases: Mixin
The AWS::Macie::AllowList resource specifies an allow list.
In Amazon Macie, an allow list defines specific text or a text pattern for Macie to ignore when it inspects data sources for sensitive data. If data matches text or a text pattern in an allow list, Macie doesn’t report the data in sensitive data findings or sensitive data discovery results, even if the data matches the criteria of a custom data identifier or a managed data identifier. You can create and use allow lists in all the AWS Regions where Macie is currently available except the Asia Pacific (Osaka) Region.
Macie supports two types of allow lists:
Predefined text - For this type of list (S3WordsList), you create a line-delimited plaintext file that lists specific text to ignore, and you store the file in an Amazon Simple Storage Service (Amazon S3) bucket. You then configure settings for Macie to access the list in the bucket.
This type of list typically contains specific words, phrases, and other kinds of character sequences that aren’t sensitive, aren’t likely to change, and don’t necessarily adhere to a common pattern. If you use this type of list, Macie doesn’t report occurrences of text that exactly match a complete entry in the list. Macie treats each entry in the list as a string literal value. Matches aren’t case sensitive.
Regular expression - For this type of list (Regex), you specify a regular expression that defines a text pattern to ignore. Unlike an allow list with predefined text, you store the regex and all other list settings in Macie.
This type of list is helpful if you want to specify text that isn’t sensitive but varies or is likely to change while also adhering to a common pattern. If you use this type of list, Macie doesn’t report occurrences of text that completely match the pattern defined by the list.
For more information, see Defining sensitive data exceptions with allow lists in the Amazon Macie User Guide.
An AWS::Macie::Session resource must exist for an AWS account before you can create an AWS::Macie::AllowList resource for the account. Use a DependsOn attribute to ensure that an AWS::Macie::Session resource is created before other Macie resources are created for an account. For example, "DependsOn": "Session".
- See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-allowlist.html
- CloudformationResource: AWS::Macie::AllowList
- Mixin: true
- ExampleMetadata: fixture=_generated
Example:
    # The code below shows an example of how to instantiate this type.
    # The values are placeholders you should change.
    from aws_cdk import CfnTag
    from aws_cdk.mixins_preview import mixins
    from aws_cdk.mixins_preview.aws_macie import mixins as macie_mixins

    cfn_allow_list_props_mixin = macie_mixins.CfnAllowListPropsMixin(macie_mixins.CfnAllowListMixinProps(
        # Every field is shown with a placeholder; a deployable allow list
        # sets either regex or s3_words_list, not both.
        criteria=macie_mixins.CfnAllowListPropsMixin.CriteriaProperty(
            regex="regex",
            s3_words_list=macie_mixins.CfnAllowListPropsMixin.S3WordsListProperty(
                bucket_name="bucketName",
                object_key="objectKey"
            )
        ),
        description="description",
        name="name",
        tags=[CfnTag(
            key="key",
            value="value"
        )]
    ),
        strategy=mixins.PropertyMergeStrategy.OVERRIDE
    )
Create a mixin to apply properties to AWS::Macie::AllowList.
- Parameters:
props (Union[CfnAllowListMixinProps, Dict[str, Any]]) – L1 properties to apply.
strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters: construct (IConstruct)
- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters: construct (IConstruct)
- Return type: bool
Attributes
- CFN_PROPERTY_KEYS = ['criteria', 'description', 'name', 'tags']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if x is a Mixin.
- Parameters: x (Any) – Any object.
- Return type: bool
- Returns: true if x is an object created from a class which extends Mixin.
- Stability: experimental
CriteriaProperty
- class CfnAllowListPropsMixin.CriteriaProperty(*, regex=None, s3_words_list=None)
Bases: object
Specifies the criteria for an allow list, which is a list that defines specific text or a text pattern to ignore when inspecting data sources for sensitive data.
The criteria can be:
- The location and name of an Amazon Simple Storage Service (Amazon S3) object that lists specific predefined text to ignore (S3WordsList), or
- A regular expression (Regex) that defines a text pattern to ignore.
The criteria must specify either an S3 object or a regular expression. It can’t specify both.
- Parameters:
regex (Optional[str]) – The regular expression (regex) that defines the text pattern to ignore. The expression can contain 1-512 characters.
s3_words_list (Union[IResolvable, S3WordsListProperty, Dict[str, Any], None]) – The location and name of an Amazon S3 object that lists specific text to ignore.
- See:
- ExampleMetadata: fixture=_generated
Example:
    # The code below shows an example of how to instantiate this type.
    # The values are placeholders you should change.
    from aws_cdk.mixins_preview.aws_macie import mixins as macie_mixins

    # Both fields are shown with placeholders; the criteria must specify
    # either regex or s3_words_list, not both.
    criteria_property = macie_mixins.CfnAllowListPropsMixin.CriteriaProperty(
        regex="regex",
        s3_words_list=macie_mixins.CfnAllowListPropsMixin.S3WordsListProperty(
            bucket_name="bucketName",
            object_key="objectKey"
        )
    )
Attributes
- regex
The regular expression (regex) that defines the text pattern to ignore.
The expression can contain 1-512 characters.
- s3_words_list
The location and name of an Amazon S3 object that lists specific text to ignore.
S3WordsListProperty
- class CfnAllowListPropsMixin.S3WordsListProperty(*, bucket_name=None, object_key=None)
Bases: object
Specifies the location and name of an Amazon Simple Storage Service (Amazon S3) object that lists specific, predefined text to ignore when inspecting data sources for sensitive data.
- Parameters:
bucket_name (Optional[str]) – The full name of the S3 bucket that contains the object. This value correlates to the Name field of a bucket’s properties in Amazon S3. This value is case sensitive. In addition, don’t use wildcard characters or specify partial values for the name.
object_key (Optional[str]) – The full name of the S3 object. This value correlates to the Key field of an object’s properties in Amazon S3. If the name includes a path, include the complete path. For example, AllowLists/Macie/MyList.txt. This value is case sensitive. In addition, don’t use wildcard characters or specify partial values for the name.
- See:
- ExampleMetadata: fixture=_generated
Example:
    # The code below shows an example of how to instantiate this type.
    # The values are placeholders you should change.
    from aws_cdk.mixins_preview.aws_macie import mixins as macie_mixins

    s3_words_list_property = macie_mixins.CfnAllowListPropsMixin.S3WordsListProperty(
        bucket_name="bucketName",
        object_key="objectKey"
    )
Attributes
- bucket_name
The full name of the S3 bucket that contains the object.
This value correlates to the Name field of a bucket’s properties in Amazon S3.
This value is case sensitive. In addition, don’t use wildcard characters or specify partial values for the name.
- object_key
The full name of the S3 object.
This value correlates to the Key field of an object’s properties in Amazon S3. If the name includes a path, include the complete path. For example, AllowLists/Macie/MyList.txt.
This value is case sensitive. In addition, don’t use wildcard characters or specify partial values for the name.
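A pre-deployment check for the constraints documented above, as an added example that is not part of the CDK documentation or library: it rejects criteria that set both or neither of regex and s3_words_list, enforces the 1-512 character regex limit and full S3 names, and lists canary values that a regex would completely match and therefore hide from findings. The function names, the dict shape, the `*`/`?` wildcard set, the sample values and the use of Python's `re` as a stand-in for Macie's regex matching are assumptions.

```python
import re

WILDCARDS = set("*?")  # assumption: characters this check treats as wildcards
# Constructed sample data: values that must still produce findings.
CANARIES = ["123-45-6789", "4111111111111111"]
NARROW = r"TEST-\d{3}-\d{2}-\d{4}"  # constructed: fixture IDs with a fixed prefix
BROAD = r"[\w-]+"                   # constructed: matches almost any token


def validate_criteria(criteria):
    """Return a list of problems with an allow-list criteria dict (empty = OK)."""
    problems = []
    regex = criteria.get("regex")
    words = criteria.get("s3_words_list")
    # The criteria must specify either an S3 object or a regex, never both.
    if (regex is None) == (words is None):
        return ["specify exactly one of regex or s3_words_list"]
    if regex is not None:
        if not 1 <= len(regex) <= 512:
            problems.append("regex must contain 1-512 characters")
        else:
            try:
                re.compile(regex)  # Python's re only approximates Macie's support
            except re.error as exc:
                problems.append(f"regex does not compile: {exc}")
    else:
        for field in ("bucket_name", "object_key"):
            value = words.get(field)
            if not value:
                problems.append(f"{field} is required")
            elif WILDCARDS & set(value):
                problems.append(f"{field} must be a full name without wildcards")
    return problems


def suppressed_canaries(regex, canaries):
    """Canaries the regex would hide: text is ignored when it completely matches."""
    pattern = re.compile(regex)
    return [c for c in canaries if pattern.fullmatch(c)]


if __name__ == "__main__":
    print(validate_criteria({"regex": NARROW, "s3_words_list": {}}))
    print(suppressed_canaries(NARROW, CANARIES))  # nothing hidden
    print(suppressed_canaries(BROAD, CANARIES))   # both canaries hidden
```

Running the canary check in CI before `cdk deploy` catches an allow-list regex that would silently remove real sensitive-data findings.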