Class CfnAccountAuditConfiguration
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.iot.CfnAccountAuditConfiguration
- All Implemented Interfaces:
IInspectable,software.amazon.jsii.JsiiSerializable,software.constructs.IConstruct,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.98.0 (build 00b106d)",
date="2024-05-08T21:35:08.294Z")
@Stability(Stable)
public class CfnAccountAuditConfiguration
extends CfnResource
implements IInspectable
Use the
AWS::IoT::AccountAuditConfiguration resource to configure or reconfigure the Device Defender audit settings for your account.
Settings include how audit notifications are sent and which audit checks are enabled or disabled. For API reference, see UpdateAccountAuditConfiguration and for detailed information on all available audit checks, see Audit checks .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.iot.*;
CfnAccountAuditConfiguration cfnAccountAuditConfiguration = CfnAccountAuditConfiguration.Builder.create(this, "MyCfnAccountAuditConfiguration")
.accountId("accountId")
.auditCheckConfigurations(AuditCheckConfigurationsProperty.builder()
.authenticatedCognitoRoleOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.caCertificateExpiringCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.caCertificateKeyQualityCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.conflictingClientIdsCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.deviceCertificateExpiringCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.deviceCertificateKeyQualityCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.deviceCertificateSharedCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.intermediateCaRevokedForActiveDeviceCertificatesCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.iotPolicyOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.ioTPolicyPotentialMisConfigurationCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.iotRoleAliasAllowsAccessToUnusedServicesCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.iotRoleAliasOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.loggingDisabledCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.revokedCaCertificateStillActiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.revokedDeviceCertificateStillActiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.unauthenticatedCognitoRoleOverlyPermissiveCheck(AuditCheckConfigurationProperty.builder()
.enabled(false)
.build())
.build())
.roleArn("roleArn")
// the properties below are optional
.auditNotificationTargetConfigurations(AuditNotificationTargetConfigurationsProperty.builder()
.sns(AuditNotificationTargetProperty.builder()
.enabled(false)
.roleArn("roleArn")
.targetArn("targetArn")
.build())
.build())
.build();
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic interfaceWhich audit checks are enabled and disabled for this account.static interfaceThe types of audit checks that can be performed.static interfaceThe configuration of the audit notification target.static interfaceInformation about the targets to which audit notifications are sent.static final classA fluent builder forCfnAccountAuditConfiguration.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationModeNested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe CloudFormation resource type name for this resource class. -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedCfnAccountAuditConfiguration(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedCfnAccountAuditConfiguration(software.amazon.jsii.JsiiObjectRef objRef) CfnAccountAuditConfiguration(software.constructs.Construct scope, String id, CfnAccountAuditConfigurationProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe ID of the account.Specifies which audit checks are enabled and disabled for this account.Information about the targets to which audit notifications are sent.The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.voidinspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties(Map<String, Object> props) voidsetAccountId(String value) The ID of the account.voidSpecifies which audit checks are enabled and disabled for this account.voidSpecifies which audit checks are enabled and disabled for this account.voidInformation about the targets to which audit notifications are sent.voidsetAuditNotificationTargetConfigurations(CfnAccountAuditConfiguration.AuditNotificationTargetConfigurationsProperty value) Information about the targets to which audit notifications are sent.voidsetRoleArn(String value) The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validatePropertiesMethods inherited from class software.amazon.awscdk.CfnRefElement
getRefMethods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdMethods inherited from class software.constructs.Construct
getNode, isConstructMethods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnAccountAuditConfiguration
protected CfnAccountAuditConfiguration(software.amazon.jsii.JsiiObjectRef objRef) -
CfnAccountAuditConfiguration
protected CfnAccountAuditConfiguration(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnAccountAuditConfiguration
@Stability(Stable) public CfnAccountAuditConfiguration(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnAccountAuditConfigurationProps props) - Parameters:
scope- Scope in which this resource is defined. This parameter is required.id- Construct identifier for this resource (unique in its scope). This parameter is required.props- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspectin interfaceIInspectable- Parameters:
inspector- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderPropertiesin classCfnResource- Parameters:
props- This parameter is required.
-
getCfnProperties
- Overrides:
getCfnPropertiesin classCfnResource
-
getAccountId
The ID of the account. -
setAccountId
The ID of the account. -
getAuditCheckConfigurations
Specifies which audit checks are enabled and disabled for this account. -
setAuditCheckConfigurations
Specifies which audit checks are enabled and disabled for this account. -
setAuditCheckConfigurations
@Stability(Stable) public void setAuditCheckConfigurations(@NotNull CfnAccountAuditConfiguration.AuditCheckConfigurationsProperty value) Specifies which audit checks are enabled and disabled for this account. -
getRoleArn
The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit. -
setRoleArn
The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit. -
getAuditNotificationTargetConfigurations
Information about the targets to which audit notifications are sent. -
setAuditNotificationTargetConfigurations
@Stability(Stable) public void setAuditNotificationTargetConfigurations(@Nullable IResolvable value) Information about the targets to which audit notifications are sent. -
setAuditNotificationTargetConfigurations
@Stability(Stable) public void setAuditNotificationTargetConfigurations(@Nullable CfnAccountAuditConfiguration.AuditNotificationTargetConfigurationsProperty value) Information about the targets to which audit notifications are sent.
-