Put an Amazon Config rule using an Amazon SDK - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Put an Amazon Config rule using an Amazon SDK

The following code example shows how to put an Amazon Config rule.

SDK for Python (Boto3)

To learn how to set up and run this example, see GitHub.

class ConfigWrapper: """ Encapsulates AWS Config functions. """ def __init__(self, config_client): """ :param config_client: A Boto3 AWS Config client. """ self.config_client = config_client def put_config_rule(self, rule_name): """ Sets a configuration rule that prohibits making Amazon S3 buckets publicly readable. :param rule_name: The name to give the rule. """ try: self.config_client.put_config_rule( ConfigRule={ 'ConfigRuleName': rule_name, 'Description': 'S3 Public Read Prohibited Bucket Rule', 'Scope': { 'ComplianceResourceTypes': [ 'AWS::S3::Bucket', ], }, 'Source': { 'Owner': 'AWS', 'SourceIdentifier': 'S3_BUCKET_PUBLIC_READ_PROHIBITED', }, 'InputParameters': '{}', 'ConfigRuleState': 'ACTIVE' } ) logger.info("Created configuration rule %s.", rule_name) except ClientError: logger.exception("Couldn't create configuration rule %s.", rule_name) raise
  • For API details, see PutConfigRule in Amazon SDK for Python (Boto3) API Reference.

For a complete list of Amazon SDK developer guides and code examples, see Using this service with an Amazon SDK. This topic also includes information about getting started and details about previous SDK versions.