Package com.pulumi.aws.cfg
Class OrganizationManagedRule
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.cfg.OrganizationManagedRule
-
public class OrganizationManagedRule extends com.pulumi.resources.CustomResourceManages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `aws.cfg.OrganizationCustomRule` resource. > **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument. > **NOTE:** Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `aws.cfg.Recorder` resource. ## Example Usage ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.organizations.Organization; import com.pulumi.aws.organizations.OrganizationArgs; import com.pulumi.aws.cfg.OrganizationManagedRule; import com.pulumi.aws.cfg.OrganizationManagedRuleArgs; import com.pulumi.resources.CustomResourceOptions; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder() .awsServiceAccessPrincipals("config-multiaccountsetup.amazonaws.com") .featureSet("ALL") .build()); var exampleOrganizationManagedRule = new OrganizationManagedRule("exampleOrganizationManagedRule", OrganizationManagedRuleArgs.builder() .ruleIdentifier("IAM_PASSWORD_POLICY") .build(), CustomResourceOptions.builder() .dependsOn(exampleOrganization) .build()); } } ``` ## Import Using `pulumi import`, import Config Organization Managed Rules using the name. For example: ```sh $ pulumi import aws:cfg/organizationManagedRule:OrganizationManagedRule example example ```
-
-
Constructor Summary
Constructors Constructor Description OrganizationManagedRule(java.lang.String name)OrganizationManagedRule(java.lang.String name, OrganizationManagedRuleArgs args)OrganizationManagedRule(java.lang.String name, OrganizationManagedRuleArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.lang.String>arn()com.pulumi.core.Output<java.util.Optional<java.lang.String>>description()com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>>excludedAccounts()static OrganizationManagedRuleget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, OrganizationManagedRuleState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.util.Optional<java.lang.String>>inputParameters()com.pulumi.core.Output<java.util.Optional<java.lang.String>>maximumExecutionFrequency()com.pulumi.core.Output<java.lang.String>name()com.pulumi.core.Output<java.util.Optional<java.lang.String>>resourceIdScope()com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>>resourceTypesScopes()com.pulumi.core.Output<java.lang.String>ruleIdentifier()com.pulumi.core.Output<java.util.Optional<java.lang.String>>tagKeyScope()com.pulumi.core.Output<java.util.Optional<java.lang.String>>tagValueScope()
-
-
-
Constructor Detail
-
OrganizationManagedRule
public OrganizationManagedRule(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
OrganizationManagedRule
public OrganizationManagedRule(java.lang.String name, OrganizationManagedRuleArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
OrganizationManagedRule
public OrganizationManagedRule(java.lang.String name, OrganizationManagedRuleArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
arn
public com.pulumi.core.Output<java.lang.String> arn()
- Returns:
- Amazon Resource Name (ARN) of the rule
-
description
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()
- Returns:
- Description of the rule
-
excludedAccounts
public com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>> excludedAccounts()
- Returns:
- List of AWS account identifiers to exclude from the rule
-
inputParameters
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> inputParameters()
- Returns:
- A string in JSON format that is passed to the AWS Config Rule Lambda Function
-
maximumExecutionFrequency
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> maximumExecutionFrequency()
- Returns:
- The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`.
-
name
public com.pulumi.core.Output<java.lang.String> name()
- Returns:
- The name of the rule
-
resourceIdScope
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> resourceIdScope()
- Returns:
- Identifier of the AWS resource to evaluate
-
resourceTypesScopes
public com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>> resourceTypesScopes()
- Returns:
- List of types of AWS resources to evaluate
-
ruleIdentifier
public com.pulumi.core.Output<java.lang.String> ruleIdentifier()
- Returns:
- Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation
-
tagKeyScope
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> tagKeyScope()
- Returns:
- Tag key of AWS resources to evaluate
-
tagValueScope
public com.pulumi.core.Output<java.util.Optional<java.lang.String>> tagValueScope()
- Returns:
- Tag value of AWS resources to evaluate
-
get
public static OrganizationManagedRule get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable OrganizationManagedRuleState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-