AWS::Config::OrganizationConfigRule OrganizationManagedRuleMetadata

An object that specifies organization managed rule metadata such as resource type and ID of AWS resource along with the rule identifier. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Description" : String,
  "InputParameters" : String,
  "MaximumExecutionFrequency" : String,
  "ResourceIdScope" : String,
  "ResourceTypesScope" : [ String, ... ],
  "RuleIdentifier" : String,
  "TagKeyScope" : String,
  "TagValueScope" : String
}

YAML


  Description: String
  InputParameters: String
  MaximumExecutionFrequency: String
  ResourceIdScope: String
  ResourceTypesScope: 
    - String
  RuleIdentifier: String
  TagKeyScope: String
  TagValueScope: String

Properties

Description

The description that you provide for your organization AWS Config rule.

Required: No

Type: String

Minimum: 0

Maximum: 256

Update requires: No interruption

InputParameters

A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.

Required: No

Type: String

Minimum: 1

Maximum: 2048

Update requires: No interruption

MaximumExecutionFrequency

The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.

Note

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

Required: No

Type: String

Allowed values: One_Hour | Three_Hours | Six_Hours | Twelve_Hours | TwentyFour_Hours

Update requires: No interruption

ResourceIdScope

The ID of the AWS resource that was evaluated.

Required: No

Type: String

Minimum: 1

Maximum: 768

Update requires: No interruption

ResourceTypesScope

The type of the AWS resource that was evaluated.

Required: No

Type: Array of String

Minimum: 0

Maximum: 100

Update requires: No interruption

RuleIdentifier

For organization config managed rules, a predefined identifier from a list. For example, IAM_PASSWORD_POLICY is a managed rule. To reference a managed rule, see Using AWS Config managed rules.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption

TagKeyScope

One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.

Required: No

Type: String

Minimum: 1

Maximum: 128

Update requires: No interruption

TagValueScope

The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).

Required: No

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

OrganizationCustomRuleMetadata

AWS::Config::OrganizationConformancePack