pulumi-alicloud-kotlin/com.pulumi.alicloud.cfg.kotlin/CompliancePack

CompliancePack

class CompliancePack : KotlinCustomResource

Provides a Cloud Config Compliance Pack resource. For information about Cloud Config Compliance Pack and how to use it, see What is Compliance Pack.

NOTE: Available since v1.124.0.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetRegionsArgs;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import com.pulumi.alicloud.cfg.CompliancePack;
import com.pulumi.alicloud.cfg.CompliancePackArgs;
import com.pulumi.alicloud.cfg.inputs.CompliancePackConfigRuleIdArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var name = config.get("name").orElse("tf-example-config");
        final var defaultRegions = AlicloudFunctions.getRegions(GetRegionsArgs.builder()
            .current(true)
            .build());
        var defaultRule = new Rule("defaultRule", RuleArgs.builder()
            .description("If the ACL policy of the OSS bucket denies read access from the Internet, the configuration is considered compliant.")
            .sourceOwner("ALIYUN")
            .sourceIdentifier("oss-bucket-public-read-prohibited")
            .riskLevel(1)
            .tagKeyScope("For")
            .tagValueScope("example")
            .regionIdsScope(defaultRegions.applyValue(getRegionsResult -> getRegionsResult.regions()[0].id()))
            .configRuleTriggerTypes("ConfigurationItemChangeNotification")
            .resourceTypesScopes("ACS::OSS::Bucket")
            .ruleName("oss-bucket-public-read-prohibited")
            .build());
        var defaultCompliancePack = new CompliancePack("defaultCompliancePack", CompliancePackArgs.builder()
            .compliancePackName(name)
            .description(name)
            .riskLevel("1")
            .configRuleIds(CompliancePackConfigRuleIdArgs.builder()
                .configRuleId(defaultRule.id())
                .build())
            .build());
    }
}
Content copied to clipboard

Import

Cloud Config Compliance Pack can be imported using the id, e.g.

$ pulumi import alicloud:cfg/compliancePack:CompliancePack example <id>
Content copied to clipboard

Properties

Link copied to clipboard
val compliancePackName: Output<String>

The Compliance Package Name. . NOTE: the compliance_pack_name supports modification since V1.146.0.

Link copied to clipboard
val compliancePackTemplateId: Output<String>?

Compliance Package Template Id.

Link copied to clipboard
val configRuleIds: Output<List<CompliancePackConfigRuleId>>?

A list of Config Rule IDs. See config_rule_ids below.

Link copied to clipboard
val configRules: Output<List<CompliancePackConfigRule>>?

A list of Config Rules. See config_rules below.

Link copied to clipboard
val description: Output<String>

The Description of compliance pack.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val riskLevel: Output<Int>

The Risk Level. Valid values: 1: critical, 2: warning, 3: info.

Link copied to clipboard
val status: Output<String>

The status of the resource. The valid values: CREATING, ACTIVE.

Link copied to clipboard
val urn: Output<String>