alicloud.cfg.Rule
Explore with Pulumi AI
Provides a Config Rule resource.
For information about Config Rule and how to use it, see What is Rule.
NOTE: Available since v1.204.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const default = alicloud.resourcemanager.getResourceGroups({
status: "OK",
});
const defaultRule = new alicloud.cfg.Rule("default", {
description: "If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
sourceOwner: "ALIYUN",
sourceIdentifier: "contains-tag",
riskLevel: 1,
tagValueScope: "example-value",
tagKeyScope: "example-key",
excludeResourceIdsScope: "example-resource_id",
regionIdsScope: "cn-hangzhou",
configRuleTriggerTypes: "ConfigurationItemChangeNotification",
resourceGroupIdsScope: _default.then(_default => _default.ids?.[0]),
resourceTypesScopes: ["ACS::RDS::DBInstance"],
ruleName: "contains-tag",
inputParameters: {
key: "example",
value: "example",
},
});
import pulumi
import pulumi_alicloud as alicloud
default = alicloud.resourcemanager.get_resource_groups(status="OK")
default_rule = alicloud.cfg.Rule("default",
description="If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
source_owner="ALIYUN",
source_identifier="contains-tag",
risk_level=1,
tag_value_scope="example-value",
tag_key_scope="example-key",
exclude_resource_ids_scope="example-resource_id",
region_ids_scope="cn-hangzhou",
config_rule_trigger_types="ConfigurationItemChangeNotification",
resource_group_ids_scope=default.ids[0],
resource_types_scopes=["ACS::RDS::DBInstance"],
rule_name="contains-tag",
input_parameters={
"key": "example",
"value": "example",
})
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cfg"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/resourcemanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := resourcemanager.GetResourceGroups(ctx, &resourcemanager.GetResourceGroupsArgs{
Status: pulumi.StringRef("OK"),
}, nil)
if err != nil {
return err
}
_, err = cfg.NewRule(ctx, "default", &cfg.RuleArgs{
Description: pulumi.String("If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant."),
SourceOwner: pulumi.String("ALIYUN"),
SourceIdentifier: pulumi.String("contains-tag"),
RiskLevel: pulumi.Int(1),
TagValueScope: pulumi.String("example-value"),
TagKeyScope: pulumi.String("example-key"),
ExcludeResourceIdsScope: pulumi.String("example-resource_id"),
RegionIdsScope: pulumi.String("cn-hangzhou"),
ConfigRuleTriggerTypes: pulumi.String("ConfigurationItemChangeNotification"),
ResourceGroupIdsScope: pulumi.String(_default.Ids[0]),
ResourceTypesScopes: pulumi.StringArray{
pulumi.String("ACS::RDS::DBInstance"),
},
RuleName: pulumi.String("contains-tag"),
InputParameters: pulumi.StringMap{
"key": pulumi.String("example"),
"value": pulumi.String("example"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var @default = AliCloud.ResourceManager.GetResourceGroups.Invoke(new()
{
Status = "OK",
});
var defaultRule = new AliCloud.Cfg.Rule("default", new()
{
Description = "If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
SourceOwner = "ALIYUN",
SourceIdentifier = "contains-tag",
RiskLevel = 1,
TagValueScope = "example-value",
TagKeyScope = "example-key",
ExcludeResourceIdsScope = "example-resource_id",
RegionIdsScope = "cn-hangzhou",
ConfigRuleTriggerTypes = "ConfigurationItemChangeNotification",
ResourceGroupIdsScope = @default.Apply(@default => @default.Apply(getResourceGroupsResult => getResourceGroupsResult.Ids[0])),
ResourceTypesScopes = new[]
{
"ACS::RDS::DBInstance",
},
RuleName = "contains-tag",
InputParameters =
{
{ "key", "example" },
{ "value", "example" },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.resourcemanager.ResourcemanagerFunctions;
import com.pulumi.alicloud.resourcemanager.inputs.GetResourceGroupsArgs;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var default = ResourcemanagerFunctions.getResourceGroups(GetResourceGroupsArgs.builder()
.status("OK")
.build());
var defaultRule = new Rule("defaultRule", RuleArgs.builder()
.description("If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.")
.sourceOwner("ALIYUN")
.sourceIdentifier("contains-tag")
.riskLevel(1)
.tagValueScope("example-value")
.tagKeyScope("example-key")
.excludeResourceIdsScope("example-resource_id")
.regionIdsScope("cn-hangzhou")
.configRuleTriggerTypes("ConfigurationItemChangeNotification")
.resourceGroupIdsScope(default_.ids()[0])
.resourceTypesScopes("ACS::RDS::DBInstance")
.ruleName("contains-tag")
.inputParameters(Map.ofEntries(
Map.entry("key", "example"),
Map.entry("value", "example")
))
.build());
}
}
resources:
defaultRule:
type: alicloud:cfg:Rule
name: default
properties:
description: If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.
sourceOwner: ALIYUN
sourceIdentifier: contains-tag
riskLevel: 1
tagValueScope: example-value
tagKeyScope: example-key
excludeResourceIdsScope: example-resource_id
regionIdsScope: cn-hangzhou
configRuleTriggerTypes: ConfigurationItemChangeNotification
resourceGroupIdsScope: ${default.ids[0]}
resourceTypesScopes:
- ACS::RDS::DBInstance
ruleName: contains-tag
inputParameters:
key: example
value: example
variables:
default:
fn::invoke:
Function: alicloud:resourcemanager:getResourceGroups
Arguments:
status: OK
Create Rule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Rule(name: string, args: RuleArgs, opts?: CustomResourceOptions);
@overload
def Rule(resource_name: str,
args: RuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Rule(resource_name: str,
opts: Optional[ResourceOptions] = None,
source_identifier: Optional[str] = None,
source_owner: Optional[str] = None,
rule_name: Optional[str] = None,
risk_level: Optional[int] = None,
exclude_resource_ids_scope: Optional[str] = None,
source_detail_message_type: Optional[str] = None,
resource_group_ids_scope: Optional[str] = None,
resource_types_scopes: Optional[Sequence[str]] = None,
tag_value_scope: Optional[str] = None,
description: Optional[str] = None,
input_parameters: Optional[Mapping[str, str]] = None,
region_ids_scope: Optional[str] = None,
config_rule_trigger_types: Optional[str] = None,
source_maximum_execution_frequency: Optional[str] = None,
maximum_execution_frequency: Optional[str] = None,
status: Optional[str] = None,
tag_key_scope: Optional[str] = None,
scope_compliance_resource_types: Optional[str] = None)
func NewRule(ctx *Context, name string, args RuleArgs, opts ...ResourceOption) (*Rule, error)
public Rule(string name, RuleArgs args, CustomResourceOptions? opts = null)
type: alicloud:cfg:Rule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var alicloudRuleResource = new AliCloud.Cfg.Rule("alicloudRuleResource", new()
{
SourceIdentifier = "string",
SourceOwner = "string",
RuleName = "string",
RiskLevel = 0,
ExcludeResourceIdsScope = "string",
ResourceGroupIdsScope = "string",
ResourceTypesScopes = new[]
{
"string",
},
TagValueScope = "string",
Description = "string",
InputParameters =
{
{ "string", "string" },
},
RegionIdsScope = "string",
ConfigRuleTriggerTypes = "string",
MaximumExecutionFrequency = "string",
Status = "string",
TagKeyScope = "string",
});
example, err := cfg.NewRule(ctx, "alicloudRuleResource", &cfg.RuleArgs{
SourceIdentifier: pulumi.String("string"),
SourceOwner: pulumi.String("string"),
RuleName: pulumi.String("string"),
RiskLevel: pulumi.Int(0),
ExcludeResourceIdsScope: pulumi.String("string"),
ResourceGroupIdsScope: pulumi.String("string"),
ResourceTypesScopes: pulumi.StringArray{
pulumi.String("string"),
},
TagValueScope: pulumi.String("string"),
Description: pulumi.String("string"),
InputParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
RegionIdsScope: pulumi.String("string"),
ConfigRuleTriggerTypes: pulumi.String("string"),
MaximumExecutionFrequency: pulumi.String("string"),
Status: pulumi.String("string"),
TagKeyScope: pulumi.String("string"),
})
var alicloudRuleResource = new Rule("alicloudRuleResource", RuleArgs.builder()
.sourceIdentifier("string")
.sourceOwner("string")
.ruleName("string")
.riskLevel(0)
.excludeResourceIdsScope("string")
.resourceGroupIdsScope("string")
.resourceTypesScopes("string")
.tagValueScope("string")
.description("string")
.inputParameters(Map.of("string", "string"))
.regionIdsScope("string")
.configRuleTriggerTypes("string")
.maximumExecutionFrequency("string")
.status("string")
.tagKeyScope("string")
.build());
alicloud_rule_resource = alicloud.cfg.Rule("alicloudRuleResource",
source_identifier="string",
source_owner="string",
rule_name="string",
risk_level=0,
exclude_resource_ids_scope="string",
resource_group_ids_scope="string",
resource_types_scopes=["string"],
tag_value_scope="string",
description="string",
input_parameters={
"string": "string",
},
region_ids_scope="string",
config_rule_trigger_types="string",
maximum_execution_frequency="string",
status="string",
tag_key_scope="string")
const alicloudRuleResource = new alicloud.cfg.Rule("alicloudRuleResource", {
sourceIdentifier: "string",
sourceOwner: "string",
ruleName: "string",
riskLevel: 0,
excludeResourceIdsScope: "string",
resourceGroupIdsScope: "string",
resourceTypesScopes: ["string"],
tagValueScope: "string",
description: "string",
inputParameters: {
string: "string",
},
regionIdsScope: "string",
configRuleTriggerTypes: "string",
maximumExecutionFrequency: "string",
status: "string",
tagKeyScope: "string",
});
type: alicloud:cfg:Rule
properties:
configRuleTriggerTypes: string
description: string
excludeResourceIdsScope: string
inputParameters:
string: string
maximumExecutionFrequency: string
regionIdsScope: string
resourceGroupIdsScope: string
resourceTypesScopes:
- string
riskLevel: 0
ruleName: string
sourceIdentifier: string
sourceOwner: string
status: string
tagKeyScope: string
tagValueScope: string
Rule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Rule resource accepts the following input properties:
- Risk
Level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - Rule
Name string - The name of the rule.
- Source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- Source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - Config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - Description string
- The description of the rule.
- Exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- Input
Parameters Dictionary<string, string> - The settings of the input parameters for the rule.
- Maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - Region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Types List<string>Scopes - The types of the resources to be evaluated against the rule.
- Scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- Source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- Source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- Tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- Tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- Risk
Level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - Rule
Name string - The name of the rule.
- Source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- Source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - Config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - Description string
- The description of the rule.
- Exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- Input
Parameters map[string]string - The settings of the input parameters for the rule.
- Maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - Region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Types []stringScopes - The types of the resources to be evaluated against the rule.
- Scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- Source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- Source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- Tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- Tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- risk
Level Integer - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name String - The name of the rule.
- source
Identifier String - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Owner String - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - config
Rule StringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - description String
- The description of the rule.
- exclude
Resource StringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters Map<String,String> - The settings of the input parameters for the rule.
- maximum
Execution StringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - region
Ids StringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group StringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types List<String>Scopes - The types of the resources to be evaluated against the rule.
- scope
Compliance StringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail StringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Maximum StringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key StringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value StringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- risk
Level number - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name string - The name of the rule.
- source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - description string
- The description of the rule.
- exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters {[key: string]: string} - The settings of the input parameters for the rule.
- maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types string[]Scopes - The types of the resources to be evaluated against the rule.
- scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- risk_
level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule_
name str - The name of the rule.
- source_
identifier str - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source_
owner str - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - config_
rule_ strtrigger_ types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - description str
- The description of the rule.
- exclude_
resource_ strids_ scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input_
parameters Mapping[str, str] - The settings of the input parameters for the rule.
- maximum_
execution_ strfrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - region_
ids_ strscope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource_
group_ strids_ scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource_
types_ Sequence[str]scopes - The types of the resources to be evaluated against the rule.
- scope_
compliance_ strresource_ types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source_
detail_ strmessage_ type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source_
maximum_ strexecution_ frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status str
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag_
key_ strscope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag_
value_ strscope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- risk
Level Number - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name String - The name of the rule.
- source
Identifier String - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Owner String - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - config
Rule StringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - description String
- The description of the rule.
- exclude
Resource StringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters Map<String> - The settings of the input parameters for the rule.
- maximum
Execution StringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - region
Ids StringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group StringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types List<String>Scopes - The types of the resources to be evaluated against the rule.
- scope
Compliance StringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail StringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Maximum StringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key StringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value StringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
Outputs
All input properties are implicitly available as output properties. Additionally, the Rule resource produces the following output properties:
- Account
Id int - The ID of Alicloud account.
- Compliance
Pulumi.
Ali Cloud. Cfg. Outputs. Rule Compliance - compliance information.
- Compliance
Pack stringId - Compliance Package ID.
- Config
Rule stringArn - config rule arn.
- Config
Rule stringId - The ID of the rule.
- Create
Time int - The timestamp when the rule was created.
- Event
Source string - The event source of the rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
Timestamp int - The timestamp when the rule was last modified.
- Account
Id int - The ID of Alicloud account.
- Compliance
Rule
Compliance - compliance information.
- Compliance
Pack stringId - Compliance Package ID.
- Config
Rule stringArn - config rule arn.
- Config
Rule stringId - The ID of the rule.
- Create
Time int - The timestamp when the rule was created.
- Event
Source string - The event source of the rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
Timestamp int - The timestamp when the rule was last modified.
- account
Id Integer - The ID of Alicloud account.
- compliance
Rule
Compliance - compliance information.
- compliance
Pack StringId - Compliance Package ID.
- config
Rule StringArn - config rule arn.
- config
Rule StringId - The ID of the rule.
- create
Time Integer - The timestamp when the rule was created.
- event
Source String - The event source of the rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
Timestamp Integer - The timestamp when the rule was last modified.
- account
Id number - The ID of Alicloud account.
- compliance
Rule
Compliance - compliance information.
- compliance
Pack stringId - Compliance Package ID.
- config
Rule stringArn - config rule arn.
- config
Rule stringId - The ID of the rule.
- create
Time number - The timestamp when the rule was created.
- event
Source string - The event source of the rule.
- id string
- The provider-assigned unique ID for this managed resource.
- modified
Timestamp number - The timestamp when the rule was last modified.
- account_
id int - The ID of Alicloud account.
- compliance
Rule
Compliance - compliance information.
- compliance_
pack_ strid - Compliance Package ID.
- config_
rule_ strarn - config rule arn.
- config_
rule_ strid - The ID of the rule.
- create_
time int - The timestamp when the rule was created.
- event_
source str - The event source of the rule.
- id str
- The provider-assigned unique ID for this managed resource.
- modified_
timestamp int - The timestamp when the rule was last modified.
- account
Id Number - The ID of Alicloud account.
- compliance Property Map
- compliance information.
- compliance
Pack StringId - Compliance Package ID.
- config
Rule StringArn - config rule arn.
- config
Rule StringId - The ID of the rule.
- create
Time Number - The timestamp when the rule was created.
- event
Source String - The event source of the rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
Timestamp Number - The timestamp when the rule was last modified.
Look up Existing Rule Resource
Get an existing Rule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RuleState, opts?: CustomResourceOptions): Rule
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[int] = None,
compliance: Optional[RuleComplianceArgs] = None,
compliance_pack_id: Optional[str] = None,
config_rule_arn: Optional[str] = None,
config_rule_id: Optional[str] = None,
config_rule_trigger_types: Optional[str] = None,
create_time: Optional[int] = None,
description: Optional[str] = None,
event_source: Optional[str] = None,
exclude_resource_ids_scope: Optional[str] = None,
input_parameters: Optional[Mapping[str, str]] = None,
maximum_execution_frequency: Optional[str] = None,
modified_timestamp: Optional[int] = None,
region_ids_scope: Optional[str] = None,
resource_group_ids_scope: Optional[str] = None,
resource_types_scopes: Optional[Sequence[str]] = None,
risk_level: Optional[int] = None,
rule_name: Optional[str] = None,
scope_compliance_resource_types: Optional[str] = None,
source_detail_message_type: Optional[str] = None,
source_identifier: Optional[str] = None,
source_maximum_execution_frequency: Optional[str] = None,
source_owner: Optional[str] = None,
status: Optional[str] = None,
tag_key_scope: Optional[str] = None,
tag_value_scope: Optional[str] = None) -> Rule
func GetRule(ctx *Context, name string, id IDInput, state *RuleState, opts ...ResourceOption) (*Rule, error)
public static Rule Get(string name, Input<string> id, RuleState? state, CustomResourceOptions? opts = null)
public static Rule get(String name, Output<String> id, RuleState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id int - The ID of Alicloud account.
- Compliance
Pulumi.
Ali Cloud. Cfg. Inputs. Rule Compliance - compliance information.
- Compliance
Pack stringId - Compliance Package ID.
- Config
Rule stringArn - config rule arn.
- Config
Rule stringId - The ID of the rule.
- Config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - Create
Time int - The timestamp when the rule was created.
- Description string
- The description of the rule.
- Event
Source string - The event source of the rule.
- Exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- Input
Parameters Dictionary<string, string> - The settings of the input parameters for the rule.
- Maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - Modified
Timestamp int - The timestamp when the rule was last modified.
- Region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Types List<string>Scopes - The types of the resources to be evaluated against the rule.
- Risk
Level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - Rule
Name string - The name of the rule.
- Scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- Source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- Source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- Source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- Tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- Tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- Account
Id int - The ID of Alicloud account.
- Compliance
Rule
Compliance Args - compliance information.
- Compliance
Pack stringId - Compliance Package ID.
- Config
Rule stringArn - config rule arn.
- Config
Rule stringId - The ID of the rule.
- Config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - Create
Time int - The timestamp when the rule was created.
- Description string
- The description of the rule.
- Event
Source string - The event source of the rule.
- Exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- Input
Parameters map[string]string - The settings of the input parameters for the rule.
- Maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - Modified
Timestamp int - The timestamp when the rule was last modified.
- Region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- Resource
Types []stringScopes - The types of the resources to be evaluated against the rule.
- Risk
Level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - Rule
Name string - The name of the rule.
- Scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- Source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- Source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- Source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- Tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- Tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- account
Id Integer - The ID of Alicloud account.
- compliance
Rule
Compliance - compliance information.
- compliance
Pack StringId - Compliance Package ID.
- config
Rule StringArn - config rule arn.
- config
Rule StringId - The ID of the rule.
- config
Rule StringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - create
Time Integer - The timestamp when the rule was created.
- description String
- The description of the rule.
- event
Source String - The event source of the rule.
- exclude
Resource StringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters Map<String,String> - The settings of the input parameters for the rule.
- maximum
Execution StringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - modified
Timestamp Integer - The timestamp when the rule was last modified.
- region
Ids StringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group StringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types List<String>Scopes - The types of the resources to be evaluated against the rule.
- risk
Level Integer - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name String - The name of the rule.
- scope
Compliance StringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail StringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Identifier String - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Maximum StringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- source
Owner String - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key StringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value StringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- account
Id number - The ID of Alicloud account.
- compliance
Rule
Compliance - compliance information.
- compliance
Pack stringId - Compliance Package ID.
- config
Rule stringArn - config rule arn.
- config
Rule stringId - The ID of the rule.
- config
Rule stringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - create
Time number - The timestamp when the rule was created.
- description string
- The description of the rule.
- event
Source string - The event source of the rule.
- exclude
Resource stringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters {[key: string]: string} - The settings of the input parameters for the rule.
- maximum
Execution stringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - modified
Timestamp number - The timestamp when the rule was last modified.
- region
Ids stringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group stringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types string[]Scopes - The types of the resources to be evaluated against the rule.
- risk
Level number - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name string - The name of the rule.
- scope
Compliance stringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail stringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Identifier string - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Maximum stringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- source
Owner string - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key stringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value stringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- account_
id int - The ID of Alicloud account.
- compliance
Rule
Compliance Args - compliance information.
- compliance_
pack_ strid - Compliance Package ID.
- config_
rule_ strarn - config rule arn.
- config_
rule_ strid - The ID of the rule.
- config_
rule_ strtrigger_ types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - create_
time int - The timestamp when the rule was created.
- description str
- The description of the rule.
- event_
source str - The event source of the rule.
- exclude_
resource_ strids_ scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input_
parameters Mapping[str, str] - The settings of the input parameters for the rule.
- maximum_
execution_ strfrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - modified_
timestamp int - The timestamp when the rule was last modified.
- region_
ids_ strscope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource_
group_ strids_ scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource_
types_ Sequence[str]scopes - The types of the resources to be evaluated against the rule.
- risk_
level int - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule_
name str - The name of the rule.
- scope_
compliance_ strresource_ types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source_
detail_ strmessage_ type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source_
identifier str - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source_
maximum_ strexecution_ frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- source_
owner str - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - status str
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag_
key_ strscope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag_
value_ strscope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
- account
Id Number - The ID of Alicloud account.
- compliance Property Map
- compliance information.
- compliance
Pack StringId - Compliance Package ID.
- config
Rule StringArn - config rule arn.
- config
Rule StringId - The ID of the rule.
- config
Rule StringTrigger Types - The trigger type of the rule. Valid values:
ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled. - create
Time Number - The timestamp when the rule was created.
- description String
- The description of the rule.
- event
Source String - The event source of the rule.
- exclude
Resource StringIds Scope - The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input
Parameters Map<String> - The settings of the input parameters for the rule.
- maximum
Execution StringFrequency - The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values:
One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. - modified
Timestamp Number - The timestamp when the rule was last modified.
- region
Ids StringScope - The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Group StringIds Scope - The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource
Types List<String>Scopes - The types of the resources to be evaluated against the rule.
- risk
Level Number - The risk level of the resources that are not compliant with the rule. Valid values:
1
: critical2
: warning3
: info - rule
Name String - The name of the rule.
- scope
Compliance StringResource Types - Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source
Detail StringMessage Type - Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source
Identifier String - The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source
Maximum StringExecution Frequency - Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- source
Owner String - Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:
CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule - status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag
Key StringScope - The rule monitors the tag key, only applies to rules created based on managed rules.
- tag
Value StringScope The rule monitors the tag value, only applies to rules created based on managed rules.
The following arguments will be discarded. Please use new fields as soon as possible:
Supporting Types
RuleCompliance, RuleComplianceArgs
- Compliance
Type string - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - Count int
- The count of compliance.
- Compliance
Type string - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - Count int
- The count of compliance.
- compliance
Type String - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - count Integer
- The count of compliance.
- compliance
Type string - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - count number
- The count of compliance.
- compliance_
type str - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - count int
- The count of compliance.
- compliance
Type String - The type of compliance. Valid values:
COMPLIANT
,NON_COMPLIANT
,NOT_APPLICABLE
,INSUFFICIENT_DATA
. - count Number
- The count of compliance.
Import
Config Rule can be imported using the id, e.g.
$ pulumi import alicloud:cfg/rule:Rule example <id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloud
Terraform Provider.