pulumi-alicloud-kotlin/com.pulumi.alicloud.cfg.kotlin/Rule

Rule

class Rule : KotlinCustomResource

Provides a a Alicloud Config Rule resource. Cloud Config checks the validity of resources based on rules. You can create rules to evaluate resources as needed. For information about Alicloud Config Rule and how to use it, see What is Alicloud Config Rule.

NOTE: Available in v1.99.0+. NOTE: The Cloud Config region only support cn-shanghai and ap-southeast-1. NOTE: If you use custom rules, you need to create your own rule functions in advance. Please refer to the link for Create a custom rule.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Rule("example", RuleArgs.builder()
            .configRuleTriggerTypes("ConfigurationItemChangeNotification")
            .description("ecs instances in vpc")
            .inputParameters(Map.of("vpcIds", "vpc-uf6gksw4ctjd******"))
            .resourceTypesScopes("ACS::ECS::Instance")
            .riskLevel(1)
            .ruleName("instances-in-vpc")
            .sourceIdentifier("ecs-instances-in-vpc")
            .sourceOwner("ALIYUN")
            .build());
    }
}
Content copied to clipboard

Import

Alicloud Config Rule can be imported using the id, e.g.

$ pulumi import alicloud:cfg/rule:Rule this cr-ed4bad756057********
Content copied to clipboard

Properties

Link copied to clipboard
val configRuleTriggerTypes: Output<String>

The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes. ScheduledNotification: The rule is triggered as scheduled.

Link copied to clipboard
val description: Output<String>?

The description of the Config Rule.

Link copied to clipboard
val excludeResourceIdsScope: Output<String>?

The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, custom rule this field is empty.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val inputParameters: Output<Map<String, Any>>?

Threshold value for managed rule triggering.

Link copied to clipboard
val maximumExecutionFrequency: Output<String>

The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val regionIdsScope: Output<String>?

The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.

Link copied to clipboard
val resourceGroupIdsScope: Output<String>?

The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.

Link copied to clipboard
Link copied to clipboard
val riskLevel: Output<Int>

The risk level of the Config Rule. Valid values: 1: Critical ,2: Warning , 3: Info.

Link copied to clipboard
val ruleName: Output<String>

The name of the Config Rule.

Link copied to clipboard
val scopeComplianceResourceTypes: Output<List<String>>

Field scope_compliance_resource_types has been deprecated from provider version 1.124.1. New field resource_types_scope instead.

Link copied to clipboard
val sourceDetailMessageType: Output<String>

Field source_detail_message_type has been deprecated from provider version 1.124.1. New field config_rule_trigger_types instead.

Link copied to clipboard
val sourceIdentifier: Output<String>

The identifier of the rule. For a managed rule, the value is the identifier of the managed rule. For a custom rule, the value is the ARN of the custom rule. Using managed rules, refer to List of Managed rules.

Link copied to clipboard
val sourceMaximumExecutionFrequency: Output<String>

Field source_maximum_execution_frequency has been deprecated from provider version 1.124.1. New field maximum_execution_frequency instead.

Link copied to clipboard
val sourceOwner: Output<String>

Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule. ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule.

Link copied to clipboard
val status: Output<String>

The rule status. The valid values: ACTIVE, INACTIVE.

Link copied to clipboard
val tagKeyScope: Output<String>?

The rule monitors the tag key, only applies to rules created based on managed rules.

Link copied to clipboard
val tagValueScope: Output<String>?

The rule monitors the tag value, use with the tag_key_scope options. only applies to rules created based on managed rules.

Link copied to clipboard
val urn: Output<String>