Amazon Config · JSON Structure

Config Source Structure

Provides the CustomPolicyDetails, the rule owner (Amazon Web Services for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your Amazon Web Services resources.

Type: object Properties: 4 Required: 1
AuditingComplianceConfiguration ManagementGovernanceSecurity

Source is a JSON Structure definition published by Amazon Config, describing 4 properties, of which 1 is required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

Owner SourceIdentifier SourceDetails CustomPolicyDetails

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-config/refs/heads/main/json-structure/config-source-structure.json",
  "name": "Source",
  "description": "Provides the CustomPolicyDetails, the rule owner (<code>Amazon Web Services</code> for managed rules, <code>CUSTOM_POLICY</code> for Custom Policy rules, and <code>CUSTOM_LAMBDA</code> for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your Amazon Web Services resources.",
  "type": "object",
  "properties": {
    "Owner": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Owner"
        },
        {
          "description": "<p>Indicates whether Amazon Web Services or the customer owns and manages the Config rule.</p> <p>Config Managed Rules are predefined rules owned by Amazon Web Services. For more information, see <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html\">Config Managed Rules</a> in the <i>Config developer guide</i>.</p> <p>Config Custom Rules are rules that you can develop either with Guard (<code>CUSTOM_POLICY</code>) or Lambda (<code>CUSTOM_LAMBDA</code>). For more information, see <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html\">Config Custom Rules </a> in the <i>Config developer guide</i>.</p>"
        }
      ]
    },
    "SourceIdentifier": {
      "allOf": [
        {
          "$ref": "#/components/schemas/StringWithCharLimit256"
        },
        {
          "description": "<p>For Config Managed rules, a predefined identifier from a list. For example, <code>IAM_PASSWORD_POLICY</code> is a managed rule. To reference a managed rule, see <a href=\"https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html\">List of Config Managed Rules</a>.</p> <p>For Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's Lambda function, such as <code>arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name</code>.</p> <p>For Config Custom Policy rules, this field will be ignored.</p>"
        }
      ]
    },
    "SourceDetails": {
      "allOf": [
        {
          "$ref": "#/components/schemas/SourceDetails"
        },
        {
          "description": "<p>Provides the source and the message types that cause Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p> <p>If the owner is set to <code>CUSTOM_POLICY</code>, the only acceptable values for the Config rule trigger message type are <code>ConfigurationItemChangeNotification</code> and <code>OversizedConfigurationItemChangeNotification</code>.</p>"
        }
      ]
    },
    "CustomPolicyDetails": {
      "allOf": [
        {
          "$ref": "#/components/schemas/CustomPolicyDetails"
        },
        {
          "description": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to <code>CUSTOM_POLICY</code>."
        }
      ]
    }
  },
  "required": [
    "Owner"
  ]
}