Amazon Config · Schema

ConfigRule

Config rules evaluate the configuration settings of your Amazon Web Services resources. A rule can run when Config detects a configuration change to an Amazon Web Services resource or at a periodic frequency that you choose (for example, every 24 hours). There are two types of rules: Config Managed Rules and Config Custom Rules.

Config Managed Rules are predefined, customizable rules created by Config. For a list of managed rules, see List of Config Managed Rules.

Config Custom Rules are rules that you create from scratch. There are two ways to create Config custom rules: with Lambda functions ( Lambda Developer Guide) and with Guard (Guard GitHub Repository), a policy-as-code language. Config custom rules created with Lambda are called Config Custom Lambda Rules and Config custom rules created with Guard are called Config Custom Policy Rules.

For more information about developing and using Config rules, see Evaluating Resource with Config Rules in the Config Developer Guide.

You can use the Amazon Web Services CLI and Amazon Web Services SDKs if you want to create a rule that triggers evaluations for your resources when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

AuditingAWSComplianceConfiguration ManagementGovernanceSecurity

Properties

Name	Type	Description
ConfigRuleName	object
ConfigRuleArn	object
ConfigRuleId	object
Description	object
Scope	object
Source	object
InputParameters	object
MaximumExecutionFrequency	object
ConfigRuleState	object
CreatedBy	object
EvaluationModes	object

View JSON Schema on GitHub