AWS::Config::OrganizationConfigRule OrganizationManagedRuleMetadata - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::Config::OrganizationConfigRule OrganizationManagedRuleMetadata

An object that specifies organization managed rule metadata such as resource type and ID of Amazon resource along with the rule identifier. It also provides the frequency with which you want Amazon Config to run evaluations for the rule if the trigger type is periodic.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Description" : String,
  "InputParameters" : String,
  "MaximumExecutionFrequency" : String,
  "ResourceIdScope" : String,
  "ResourceTypesScope" : [ String, ... ],
  "RuleIdentifier" : String,
  "TagKeyScope" : String,
  "TagValueScope" : String
}

Properties

Description

The description that you provide for your organization Amazon Config rule.

Required: No

Type: String

Minimum: 0

Maximum: 256

Update requires: No interruption

InputParameters

A string, in JSON format, that is passed to your organization Amazon Config rule Lambda function.

Required: No

Type: String

Minimum: 1

Maximum: 2048

Update requires: No interruption

MaximumExecutionFrequency

The maximum frequency with which Amazon Config runs evaluations for a rule. This is for an Amazon Config managed rule that is triggered at a periodic frequency.

Note

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

Required: No

Type: String

Allowed values: One_Hour | Three_Hours | Six_Hours | Twelve_Hours | TwentyFour_Hours

Update requires: No interruption

ResourceIdScope

The ID of the Amazon resource that was evaluated.

Required: No

Type: String

Minimum: 1

Maximum: 768

Update requires: No interruption

ResourceTypesScope

The type of the Amazon resource that was evaluated.

Required: No

Type: Array of String

Minimum: 0

Maximum: 100

Update requires: No interruption

RuleIdentifier

For organization config managed rules, a predefined identifier from a list. For example, IAM_PASSWORD_POLICY is a managed rule. To reference a managed rule, see Using Amazon Config managed rules.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption

TagKeyScope

One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.

Required: No

Type: String

Minimum: 1

Maximum: 128

Update requires: No interruption

TagValueScope

The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).

Required: No

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption