Amazon Config · JSON Structure

Config Scope Structure

Defines which resources trigger an evaluation for an Config rule. The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain which resources trigger an evaluation for a rule. Otherwise, evaluations for the rule are triggered when any resource in your recording group changes in configuration.

Type: object Properties: 4
AuditingComplianceConfiguration ManagementGovernanceSecurity

Scope is a JSON Structure definition published by Amazon Config, describing 4 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

ComplianceResourceTypes TagKey TagValue ComplianceResourceId

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-config/refs/heads/main/json-structure/config-scope-structure.json",
  "name": "Scope",
  "description": "Defines which resources trigger an evaluation for an Config rule. The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain which resources trigger an evaluation for a rule. Otherwise, evaluations for the rule are triggered when any resource in your recording group changes in configuration.",
  "type": "object",
  "properties": {
    "ComplianceResourceTypes": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ComplianceResourceTypes"
        },
        {
          "description": "The resource types of only those Amazon Web Services resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for <code>ComplianceResourceId</code>."
        }
      ]
    },
    "TagKey": {
      "allOf": [
        {
          "$ref": "#/components/schemas/StringWithCharLimit128"
        },
        {
          "description": "The tag key that is applied to only those Amazon Web Services resources that you want to trigger an evaluation for the rule."
        }
      ]
    },
    "TagValue": {
      "allOf": [
        {
          "$ref": "#/components/schemas/StringWithCharLimit256"
        },
        {
          "description": "The tag value applied to only those Amazon Web Services resources that you want to trigger an evaluation for the rule. If you specify a value for <code>TagValue</code>, you must also specify a value for <code>TagKey</code>."
        }
      ]
    },
    "ComplianceResourceId": {
      "allOf": [
        {
          "$ref": "#/components/schemas/BaseResourceId"
        },
        {
          "description": "The ID of the only Amazon Web Services resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for <code>ComplianceResourceTypes</code>."
        }
      ]
    }
  }
}