pulumi-alicloud-kotlin/com.pulumi.alicloud.cfg.kotlin/CompliancePack

CompliancePack

class CompliancePack : KotlinCustomResource

Provides a Cloud Config Compliance Pack resource. For information about Cloud Config Compliance Pack and how to use it, see What is Compliance Pack.

NOTE: Available since v1.124.0.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetRegionsArgs;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import com.pulumi.alicloud.cfg.CompliancePack;
import com.pulumi.alicloud.cfg.CompliancePackArgs;
import com.pulumi.alicloud.cfg.inputs.CompliancePackConfigRuleIdArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var name = config.get("name").orElse("tf-example-config-name");
        final var defaultRegions = AlicloudFunctions.getRegions(GetRegionsArgs.builder()
            .current(true)
            .build());
        var rule1 = new Rule("rule1", RuleArgs.builder()
            .description(name)
            .sourceOwner("ALIYUN")
            .sourceIdentifier("ram-user-ak-create-date-expired-check")
            .riskLevel(1)
            .maximumExecutionFrequency("TwentyFour_Hours")
            .regionIdsScope(defaultRegions.applyValue(getRegionsResult -> getRegionsResult.regions()[0].id()))
            .configRuleTriggerTypes("ScheduledNotification")
            .resourceTypesScopes("ACS::RAM::User")
            .ruleName("ciscompliancecheck_ram-user-ak-create-date-expired-check")
            .inputParameters(Map.of("days", "90"))
            .build());
        var rule2 = new Rule("rule2", RuleArgs.builder()
            .description(name)
            .sourceOwner("ALIYUN")
            .sourceIdentifier("adb-cluster-maintain-time-check")
            .riskLevel(2)
            .regionIdsScope(defaultRegions.applyValue(getRegionsResult -> getRegionsResult.regions()[0].id()))
            .configRuleTriggerTypes("ScheduledNotification")
            .resourceTypesScopes("ACS::ADB::DBCluster")
            .ruleName("governance-evaluation-adb-cluster-maintain-time-check")
            .inputParameters(Map.of("maintainTimes", "02:00-04:00,06:00-08:00,12:00-13:00"))
            .build());
        var defaultCompliancePack = new CompliancePack("defaultCompliancePack", CompliancePackArgs.builder()
            .compliancePackName(name)
            .description("CloudGovernanceCenter evaluation")
            .riskLevel("2")
            .configRuleIds(
                CompliancePackConfigRuleIdArgs.builder()
                    .configRuleId(rule1.id())
                    .build(),
                CompliancePackConfigRuleIdArgs.builder()
                    .configRuleId(rule2.id())
                    .build())
            .build());
    }
}

Import

Cloud Config Compliance Pack can be imported using the id, e.g.

$ pulumi import alicloud:cfg/compliancePack:CompliancePack example <id>

Properties

compliancePackName

val compliancePackName: Output<String>

The Compliance Package Name. NOTE: From version 1.146.0, compliance_pack_name can be modified.

compliancePackTemplateId

val compliancePackTemplateId: Output<String>?

Compliance Package Template Id.

configRuleIds

val configRuleIds: Output<List<CompliancePackConfigRuleId>>?

A list of Config Rule IDs. See config_rule_ids below.

configRules

val ~~configRules~~: Output<List<CompliancePackConfigRule>>?

A list of Config Rules. See config_rules below. NOTE: Field config_rules has been deprecated from provider version 1.141.0. New field config_rule_ids instead.

description

val description: Output<String>

The Description of compliance pack.