pulumi-alicloud-kotlin/com.pulumi.alicloud.cfg.kotlin/RuleArgs

RuleArgs

data class RuleArgs(val configRuleTriggerTypes: Output<String>? = null, val description: Output<String>? = null, val excludeResourceIdsScope: Output<String>? = null, val inputParameters: Output<Map<String, Any>>? = null, val maximumExecutionFrequency: Output<String>? = null, val regionIdsScope: Output<String>? = null, val resourceGroupIdsScope: Output<String>? = null, val resourceTypesScopes: Output<List<String>>? = null, val riskLevel: Output<Int>? = null, val ruleName: Output<String>? = null, val scopeComplianceResourceTypes: Output<String>? = null, val sourceDetailMessageType: Output<String>? = null, val sourceIdentifier: Output<String>? = null, val sourceMaximumExecutionFrequency: Output<String>? = null, val sourceOwner: Output<String>? = null, val status: Output<String>? = null, val tagKeyScope: Output<String>? = null, val tagValueScope: Output<String>? = null) : ConvertibleToJava<RuleArgs>

Provides a Config Rule resource. For information about Config Rule and how to use it, see What is Rule.

NOTE: Available since v1.204.0.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.resourcemanager.ResourcemanagerFunctions;
import com.pulumi.alicloud.resourcemanager.inputs.GetResourceGroupsArgs;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var defaultResourceGroups = ResourcemanagerFunctions.getResourceGroups(GetResourceGroupsArgs.builder()
            .status("OK")
            .build());
        var defaultRule = new Rule("defaultRule", RuleArgs.builder()
            .description("If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.")
            .sourceOwner("ALIYUN")
            .sourceIdentifier("contains-tag")
            .riskLevel(1)
            .tagValueScope("example-value")
            .tagKeyScope("example-key")
            .excludeResourceIdsScope("example-resource_id")
            .regionIdsScope("cn-hangzhou")
            .configRuleTriggerTypes("ConfigurationItemChangeNotification")
            .resourceGroupIdsScope(defaultResourceGroups.applyValue(getResourceGroupsResult -> getResourceGroupsResult.ids()[0]))
            .resourceTypesScopes("ACS::RDS::DBInstance")
            .ruleName("contains-tag")
            .inputParameters(Map.ofEntries(
                Map.entry("key", "example"),
                Map.entry("value", "example")
            ))
            .build());
    }
}
Content copied to clipboard

Import

Config Rule can be imported using the id, e.g.

$ pulumi import alicloud:cfg/rule:Rule example <id>
Content copied to clipboard

Constructors

Link copied to clipboard
fun RuleArgs(configRuleTriggerTypes: Output<String>? = null, description: Output<String>? = null, excludeResourceIdsScope: Output<String>? = null, inputParameters: Output<Map<String, Any>>? = null, maximumExecutionFrequency: Output<String>? = null, regionIdsScope: Output<String>? = null, resourceGroupIdsScope: Output<String>? = null, resourceTypesScopes: Output<List<String>>? = null, riskLevel: Output<Int>? = null, ruleName: Output<String>? = null, scopeComplianceResourceTypes: Output<String>? = null, sourceDetailMessageType: Output<String>? = null, sourceIdentifier: Output<String>? = null, sourceMaximumExecutionFrequency: Output<String>? = null, sourceOwner: Output<String>? = null, status: Output<String>? = null, tagKeyScope: Output<String>? = null, tagValueScope: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): RuleArgs

Properties

Link copied to clipboard
val configRuleTriggerTypes: Output<String>? = null

The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes. ScheduledNotification: The rule is triggered as scheduled.

Link copied to clipboard
val description: Output<String>? = null

The description of the rule.

Link copied to clipboard
val excludeResourceIdsScope: Output<String>? = null

The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.

Link copied to clipboard
val inputParameters: Output<Map<String, Any>>? = null

The settings of the input parameters for the rule.

Link copied to clipboard
val maximumExecutionFrequency: Output<String>? = null

The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours.

Link copied to clipboard
val regionIdsScope: Output<String>? = null

The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.

Link copied to clipboard
val resourceGroupIdsScope: Output<String>? = null

The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.

Link copied to clipboard
val resourceTypesScopes: Output<List<String>>? = null

The types of the resources to be evaluated against the rule.

Link copied to clipboard
val riskLevel: Output<Int>? = null

The risk level of the resources that are not compliant with the rule. Valid values: 1: critical 2: warning 3: info

Link copied to clipboard
val ruleName: Output<String>? = null

The name of the rule.

Link copied to clipboard
val scopeComplianceResourceTypes: Output<String>? = null

Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.

Link copied to clipboard
val sourceDetailMessageType: Output<String>? = null

Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.

Link copied to clipboard
val sourceIdentifier: Output<String>? = null

The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.

Link copied to clipboard
val sourceMaximumExecutionFrequency: Output<String>? = null

Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.

Link copied to clipboard
val sourceOwner: Output<String>? = null

Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule. ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule

Link copied to clipboard
val status: Output<String>? = null

The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.

Link copied to clipboard
val tagKeyScope: Output<String>? = null

The rule monitors the tag key, only applies to rules created based on managed rules.

Link copied to clipboard
val tagValueScope: Output<String>? = null

The rule monitors the tag value, only applies to rules created based on managed rules. The following arguments will be discarded. Please use new fields as soon as possible: