AWS::Config::ConfigRule CustomPolicyDetails - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::Config::ConfigRule CustomPolicyDetails

Provides the CustomPolicyDetails, the rule owner ( Amazon for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your Amazon resources.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "EnableDebugLogDelivery" : Boolean, "PolicyRuntime" : String, "PolicyText" : String }

YAML

EnableDebugLogDelivery: Boolean PolicyRuntime: String PolicyText: String

Properties

EnableDebugLogDelivery

The boolean expression for enabling debug logging for your Amazon Config Custom Policy rule. The default value is false.

Required: No

Type: Boolean

Update requires: No interruption

PolicyRuntime

The runtime system for your Amazon Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by Amazon Config Custom Policy rules. For more information about Guard, see the Guard GitHub Repository.

Required: No

Type: String

Pattern: guard\-2\.x\.x

Minimum: 1

Maximum: 64

Update requires: No interruption

PolicyText

The policy definition containing the logic for your Amazon Config Custom Policy rule.

Required: No

Type: String

Minimum: 0

Maximum: 10000

Update requires: No interruption