alicloud.cfg.Rule
Explore with Pulumi AI
Provides a Config Rule resource.
For information about Config Rule and how to use it, see What is Rule.
NOTE: Available since v1.204.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const _default = alicloud.resourcemanager.getResourceGroups({
    status: "OK",
});
const defaultRule = new alicloud.cfg.Rule("default", {
    description: "If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
    sourceOwner: "ALIYUN",
    sourceIdentifier: "contains-tag",
    riskLevel: 1,
    tagValueScope: "example-value",
    tagKeyScope: "example-key",
    excludeResourceIdsScope: "example-resource_id",
    regionIdsScope: "cn-hangzhou",
    configRuleTriggerTypes: "ConfigurationItemChangeNotification",
    resourceGroupIdsScope: _default.then(_default => _default.ids?.[0]),
    resourceTypesScopes: ["ACS::RDS::DBInstance"],
    ruleName: "contains-tag",
    inputParameters: {
        key1: "value1",
        key2: "value2",
    },
});
import pulumi
import pulumi_alicloud as alicloud
default = alicloud.resourcemanager.get_resource_groups(status="OK")
default_rule = alicloud.cfg.Rule("default",
    description="If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
    source_owner="ALIYUN",
    source_identifier="contains-tag",
    risk_level=1,
    tag_value_scope="example-value",
    tag_key_scope="example-key",
    exclude_resource_ids_scope="example-resource_id",
    region_ids_scope="cn-hangzhou",
    config_rule_trigger_types="ConfigurationItemChangeNotification",
    resource_group_ids_scope=default.ids[0],
    resource_types_scopes=["ACS::RDS::DBInstance"],
    rule_name="contains-tag",
    input_parameters={
        "key1": "value1",
        "key2": "value2",
    })
package main
import (
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cfg"
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/resourcemanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_default, err := resourcemanager.GetResourceGroups(ctx, &resourcemanager.GetResourceGroupsArgs{
			Status: pulumi.StringRef("OK"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = cfg.NewRule(ctx, "default", &cfg.RuleArgs{
			Description:             pulumi.String("If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant."),
			SourceOwner:             pulumi.String("ALIYUN"),
			SourceIdentifier:        pulumi.String("contains-tag"),
			RiskLevel:               pulumi.Int(1),
			TagValueScope:           pulumi.String("example-value"),
			TagKeyScope:             pulumi.String("example-key"),
			ExcludeResourceIdsScope: pulumi.String("example-resource_id"),
			RegionIdsScope:          pulumi.String("cn-hangzhou"),
			ConfigRuleTriggerTypes:  pulumi.String("ConfigurationItemChangeNotification"),
			ResourceGroupIdsScope:   pulumi.String(_default.Ids[0]),
			ResourceTypesScopes: pulumi.StringArray{
				pulumi.String("ACS::RDS::DBInstance"),
			},
			RuleName: pulumi.String("contains-tag"),
			InputParameters: pulumi.StringMap{
				"key1": pulumi.String("value1"),
				"key2": pulumi.String("value2"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() => 
{
    var @default = AliCloud.ResourceManager.GetResourceGroups.Invoke(new()
    {
        Status = "OK",
    });
    var defaultRule = new AliCloud.Cfg.Rule("default", new()
    {
        Description = "If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.",
        SourceOwner = "ALIYUN",
        SourceIdentifier = "contains-tag",
        RiskLevel = 1,
        TagValueScope = "example-value",
        TagKeyScope = "example-key",
        ExcludeResourceIdsScope = "example-resource_id",
        RegionIdsScope = "cn-hangzhou",
        ConfigRuleTriggerTypes = "ConfigurationItemChangeNotification",
        ResourceGroupIdsScope = @default.Apply(@default => @default.Apply(getResourceGroupsResult => getResourceGroupsResult.Ids[0])),
        ResourceTypesScopes = new[]
        {
            "ACS::RDS::DBInstance",
        },
        RuleName = "contains-tag",
        InputParameters = 
        {
            { "key1", "value1" },
            { "key2", "value2" },
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.resourcemanager.ResourcemanagerFunctions;
import com.pulumi.alicloud.resourcemanager.inputs.GetResourceGroupsArgs;
import com.pulumi.alicloud.cfg.Rule;
import com.pulumi.alicloud.cfg.RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var default = ResourcemanagerFunctions.getResourceGroups(GetResourceGroupsArgs.builder()
            .status("OK")
            .build());
        var defaultRule = new Rule("defaultRule", RuleArgs.builder()
            .description("If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.")
            .sourceOwner("ALIYUN")
            .sourceIdentifier("contains-tag")
            .riskLevel(1)
            .tagValueScope("example-value")
            .tagKeyScope("example-key")
            .excludeResourceIdsScope("example-resource_id")
            .regionIdsScope("cn-hangzhou")
            .configRuleTriggerTypes("ConfigurationItemChangeNotification")
            .resourceGroupIdsScope(default_.ids()[0])
            .resourceTypesScopes("ACS::RDS::DBInstance")
            .ruleName("contains-tag")
            .inputParameters(Map.ofEntries(
                Map.entry("key1", "value1"),
                Map.entry("key2", "value2")
            ))
            .build());
    }
}
resources:
  defaultRule:
    type: alicloud:cfg:Rule
    name: default
    properties:
      description: If the resource matches one of the specified tag key-value pairs, the configuration is considered compliant.
      sourceOwner: ALIYUN
      sourceIdentifier: contains-tag
      riskLevel: 1
      tagValueScope: example-value
      tagKeyScope: example-key
      excludeResourceIdsScope: example-resource_id
      regionIdsScope: cn-hangzhou
      configRuleTriggerTypes: ConfigurationItemChangeNotification
      resourceGroupIdsScope: ${default.ids[0]}
      resourceTypesScopes:
        - ACS::RDS::DBInstance
      ruleName: contains-tag
      inputParameters:
        key1: value1
        key2: value2
variables:
  default:
    fn::invoke:
      function: alicloud:resourcemanager:getResourceGroups
      arguments:
        status: OK
Create Rule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Rule(name: string, args: RuleArgs, opts?: CustomResourceOptions);@overload
def Rule(resource_name: str,
         args: RuleArgs,
         opts: Optional[ResourceOptions] = None)
@overload
def Rule(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         source_identifier: Optional[str] = None,
         risk_level: Optional[int] = None,
         source_owner: Optional[str] = None,
         rule_name: Optional[str] = None,
         scope_compliance_resource_types: Optional[str] = None,
         source_detail_message_type: Optional[str] = None,
         resource_group_ids_scope: Optional[str] = None,
         resource_types_scopes: Optional[Sequence[str]] = None,
         description: Optional[str] = None,
         maximum_execution_frequency: Optional[str] = None,
         input_parameters: Optional[Mapping[str, str]] = None,
         region_ids_scope: Optional[str] = None,
         config_rule_trigger_types: Optional[str] = None,
         source_maximum_execution_frequency: Optional[str] = None,
         exclude_resource_ids_scope: Optional[str] = None,
         status: Optional[str] = None,
         tag_key_scope: Optional[str] = None,
         tag_value_scope: Optional[str] = None)func NewRule(ctx *Context, name string, args RuleArgs, opts ...ResourceOption) (*Rule, error)public Rule(string name, RuleArgs args, CustomResourceOptions? opts = null)type: alicloud:cfg:Rule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var alicloudRuleResource = new AliCloud.Cfg.Rule("alicloudRuleResource", new()
{
    SourceIdentifier = "string",
    RiskLevel = 0,
    SourceOwner = "string",
    RuleName = "string",
    ResourceGroupIdsScope = "string",
    ResourceTypesScopes = new[]
    {
        "string",
    },
    Description = "string",
    MaximumExecutionFrequency = "string",
    InputParameters = 
    {
        { "string", "string" },
    },
    RegionIdsScope = "string",
    ConfigRuleTriggerTypes = "string",
    ExcludeResourceIdsScope = "string",
    Status = "string",
    TagKeyScope = "string",
    TagValueScope = "string",
});
example, err := cfg.NewRule(ctx, "alicloudRuleResource", &cfg.RuleArgs{
	SourceIdentifier:      pulumi.String("string"),
	RiskLevel:             pulumi.Int(0),
	SourceOwner:           pulumi.String("string"),
	RuleName:              pulumi.String("string"),
	ResourceGroupIdsScope: pulumi.String("string"),
	ResourceTypesScopes: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description:               pulumi.String("string"),
	MaximumExecutionFrequency: pulumi.String("string"),
	InputParameters: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	RegionIdsScope:          pulumi.String("string"),
	ConfigRuleTriggerTypes:  pulumi.String("string"),
	ExcludeResourceIdsScope: pulumi.String("string"),
	Status:                  pulumi.String("string"),
	TagKeyScope:             pulumi.String("string"),
	TagValueScope:           pulumi.String("string"),
})
var alicloudRuleResource = new com.pulumi.alicloud.cfg.Rule("alicloudRuleResource", com.pulumi.alicloud.cfg.RuleArgs.builder()
    .sourceIdentifier("string")
    .riskLevel(0)
    .sourceOwner("string")
    .ruleName("string")
    .resourceGroupIdsScope("string")
    .resourceTypesScopes("string")
    .description("string")
    .maximumExecutionFrequency("string")
    .inputParameters(Map.of("string", "string"))
    .regionIdsScope("string")
    .configRuleTriggerTypes("string")
    .excludeResourceIdsScope("string")
    .status("string")
    .tagKeyScope("string")
    .tagValueScope("string")
    .build());
alicloud_rule_resource = alicloud.cfg.Rule("alicloudRuleResource",
    source_identifier="string",
    risk_level=0,
    source_owner="string",
    rule_name="string",
    resource_group_ids_scope="string",
    resource_types_scopes=["string"],
    description="string",
    maximum_execution_frequency="string",
    input_parameters={
        "string": "string",
    },
    region_ids_scope="string",
    config_rule_trigger_types="string",
    exclude_resource_ids_scope="string",
    status="string",
    tag_key_scope="string",
    tag_value_scope="string")
const alicloudRuleResource = new alicloud.cfg.Rule("alicloudRuleResource", {
    sourceIdentifier: "string",
    riskLevel: 0,
    sourceOwner: "string",
    ruleName: "string",
    resourceGroupIdsScope: "string",
    resourceTypesScopes: ["string"],
    description: "string",
    maximumExecutionFrequency: "string",
    inputParameters: {
        string: "string",
    },
    regionIdsScope: "string",
    configRuleTriggerTypes: "string",
    excludeResourceIdsScope: "string",
    status: "string",
    tagKeyScope: "string",
    tagValueScope: "string",
});
type: alicloud:cfg:Rule
properties:
    configRuleTriggerTypes: string
    description: string
    excludeResourceIdsScope: string
    inputParameters:
        string: string
    maximumExecutionFrequency: string
    regionIdsScope: string
    resourceGroupIdsScope: string
    resourceTypesScopes:
        - string
    riskLevel: 0
    ruleName: string
    sourceIdentifier: string
    sourceOwner: string
    status: string
    tagKeyScope: string
    tagValueScope: string
Rule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Rule resource accepts the following input properties:
- RiskLevel int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- RuleName string
- The name of the rule.
- SourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- SourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- ConfigRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- Description string
- The description of the rule.
- ExcludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- InputParameters Dictionary<string, string>
- The settings of the input parameters for the rule.
- MaximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- RegionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceTypes List<string>Scopes 
- The types of the resources to be evaluated against the rule.
- ScopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- SourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- SourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- TagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- TagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- RiskLevel int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- RuleName string
- The name of the rule.
- SourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- SourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- ConfigRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- Description string
- The description of the rule.
- ExcludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- InputParameters map[string]string
- The settings of the input parameters for the rule.
- MaximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- RegionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceTypes []stringScopes 
- The types of the resources to be evaluated against the rule.
- ScopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- SourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- SourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- TagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- TagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- riskLevel Integer
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName String
- The name of the rule.
- sourceIdentifier String
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceOwner String
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- configRule StringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- description String
- The description of the rule.
- excludeResource StringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters Map<String,String>
- The settings of the input parameters for the rule.
- maximumExecution StringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- regionIds StringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup StringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes List<String>Scopes 
- The types of the resources to be evaluated against the rule.
- scopeCompliance StringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail StringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceMaximum StringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey StringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue StringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- riskLevel number
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName string
- The name of the rule.
- sourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- configRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- description string
- The description of the rule.
- excludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters {[key: string]: string}
- The settings of the input parameters for the rule.
- maximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- regionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes string[]Scopes 
- The types of the resources to be evaluated against the rule.
- scopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- risk_level int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- rule_name str
- The name of the rule.
- source_identifier str
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source_owner str
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- config_rule_ strtrigger_ types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- description str
- The description of the rule.
- exclude_resource_ strids_ scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input_parameters Mapping[str, str]
- The settings of the input parameters for the rule.
- maximum_execution_ strfrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- region_ids_ strscope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource_group_ strids_ scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource_types_ Sequence[str]scopes 
- The types of the resources to be evaluated against the rule.
- scope_compliance_ strresource_ types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source_detail_ strmessage_ type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source_maximum_ strexecution_ frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status str
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag_key_ strscope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tag_value_ strscope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- riskLevel Number
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName String
- The name of the rule.
- sourceIdentifier String
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceOwner String
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- configRule StringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- description String
- The description of the rule.
- excludeResource StringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters Map<String>
- The settings of the input parameters for the rule.
- maximumExecution StringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- regionIds StringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup StringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes List<String>Scopes 
- The types of the resources to be evaluated against the rule.
- scopeCompliance StringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail StringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceMaximum StringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey StringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue StringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
Outputs
All input properties are implicitly available as output properties. Additionally, the Rule resource produces the following output properties:
- AccountId int
- The ID of Alicloud account.
- Compliance
Pulumi.Ali Cloud. Cfg. Outputs. Rule Compliance 
- compliance information.
- CompliancePack stringId 
- Compliance Package ID.
- ConfigRule stringArn 
- config rule arn.
- ConfigRule stringId 
- The ID of the rule.
- CreateTime int
- The timestamp when the rule was created.
- EventSource string
- The event source of the rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- ModifiedTimestamp int
- The timestamp when the rule was last modified.
- AccountId int
- The ID of Alicloud account.
- Compliance
RuleCompliance 
- compliance information.
- CompliancePack stringId 
- Compliance Package ID.
- ConfigRule stringArn 
- config rule arn.
- ConfigRule stringId 
- The ID of the rule.
- CreateTime int
- The timestamp when the rule was created.
- EventSource string
- The event source of the rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- ModifiedTimestamp int
- The timestamp when the rule was last modified.
- accountId Integer
- The ID of Alicloud account.
- compliance
RuleCompliance 
- compliance information.
- compliancePack StringId 
- Compliance Package ID.
- configRule StringArn 
- config rule arn.
- configRule StringId 
- The ID of the rule.
- createTime Integer
- The timestamp when the rule was created.
- eventSource String
- The event source of the rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modifiedTimestamp Integer
- The timestamp when the rule was last modified.
- accountId number
- The ID of Alicloud account.
- compliance
RuleCompliance 
- compliance information.
- compliancePack stringId 
- Compliance Package ID.
- configRule stringArn 
- config rule arn.
- configRule stringId 
- The ID of the rule.
- createTime number
- The timestamp when the rule was created.
- eventSource string
- The event source of the rule.
- id string
- The provider-assigned unique ID for this managed resource.
- modifiedTimestamp number
- The timestamp when the rule was last modified.
- account_id int
- The ID of Alicloud account.
- compliance
RuleCompliance 
- compliance information.
- compliance_pack_ strid 
- Compliance Package ID.
- config_rule_ strarn 
- config rule arn.
- config_rule_ strid 
- The ID of the rule.
- create_time int
- The timestamp when the rule was created.
- event_source str
- The event source of the rule.
- id str
- The provider-assigned unique ID for this managed resource.
- modified_timestamp int
- The timestamp when the rule was last modified.
- accountId Number
- The ID of Alicloud account.
- compliance Property Map
- compliance information.
- compliancePack StringId 
- Compliance Package ID.
- configRule StringArn 
- config rule arn.
- configRule StringId 
- The ID of the rule.
- createTime Number
- The timestamp when the rule was created.
- eventSource String
- The event source of the rule.
- id String
- The provider-assigned unique ID for this managed resource.
- modifiedTimestamp Number
- The timestamp when the rule was last modified.
Look up Existing Rule Resource
Get an existing Rule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RuleState, opts?: CustomResourceOptions): Rule@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[int] = None,
        compliance: Optional[RuleComplianceArgs] = None,
        compliance_pack_id: Optional[str] = None,
        config_rule_arn: Optional[str] = None,
        config_rule_id: Optional[str] = None,
        config_rule_trigger_types: Optional[str] = None,
        create_time: Optional[int] = None,
        description: Optional[str] = None,
        event_source: Optional[str] = None,
        exclude_resource_ids_scope: Optional[str] = None,
        input_parameters: Optional[Mapping[str, str]] = None,
        maximum_execution_frequency: Optional[str] = None,
        modified_timestamp: Optional[int] = None,
        region_ids_scope: Optional[str] = None,
        resource_group_ids_scope: Optional[str] = None,
        resource_types_scopes: Optional[Sequence[str]] = None,
        risk_level: Optional[int] = None,
        rule_name: Optional[str] = None,
        scope_compliance_resource_types: Optional[str] = None,
        source_detail_message_type: Optional[str] = None,
        source_identifier: Optional[str] = None,
        source_maximum_execution_frequency: Optional[str] = None,
        source_owner: Optional[str] = None,
        status: Optional[str] = None,
        tag_key_scope: Optional[str] = None,
        tag_value_scope: Optional[str] = None) -> Rulefunc GetRule(ctx *Context, name string, id IDInput, state *RuleState, opts ...ResourceOption) (*Rule, error)public static Rule Get(string name, Input<string> id, RuleState? state, CustomResourceOptions? opts = null)public static Rule get(String name, Output<String> id, RuleState state, CustomResourceOptions options)resources:  _:    type: alicloud:cfg:Rule    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AccountId int
- The ID of Alicloud account.
- Compliance
Pulumi.Ali Cloud. Cfg. Inputs. Rule Compliance 
- compliance information.
- CompliancePack stringId 
- Compliance Package ID.
- ConfigRule stringArn 
- config rule arn.
- ConfigRule stringId 
- The ID of the rule.
- ConfigRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- CreateTime int
- The timestamp when the rule was created.
- Description string
- The description of the rule.
- EventSource string
- The event source of the rule.
- ExcludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- InputParameters Dictionary<string, string>
- The settings of the input parameters for the rule.
- MaximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- ModifiedTimestamp int
- The timestamp when the rule was last modified.
- RegionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceTypes List<string>Scopes 
- The types of the resources to be evaluated against the rule.
- RiskLevel int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- RuleName string
- The name of the rule.
- ScopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- SourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- SourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- SourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- SourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- TagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- TagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- AccountId int
- The ID of Alicloud account.
- Compliance
RuleCompliance Args 
- compliance information.
- CompliancePack stringId 
- Compliance Package ID.
- ConfigRule stringArn 
- config rule arn.
- ConfigRule stringId 
- The ID of the rule.
- ConfigRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- CreateTime int
- The timestamp when the rule was created.
- Description string
- The description of the rule.
- EventSource string
- The event source of the rule.
- ExcludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- InputParameters map[string]string
- The settings of the input parameters for the rule.
- MaximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- ModifiedTimestamp int
- The timestamp when the rule was last modified.
- RegionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- ResourceTypes []stringScopes 
- The types of the resources to be evaluated against the rule.
- RiskLevel int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- RuleName string
- The name of the rule.
- ScopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- SourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- SourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- SourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- SourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- Status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- TagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- TagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- accountId Integer
- The ID of Alicloud account.
- compliance
RuleCompliance 
- compliance information.
- compliancePack StringId 
- Compliance Package ID.
- configRule StringArn 
- config rule arn.
- configRule StringId 
- The ID of the rule.
- configRule StringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- createTime Integer
- The timestamp when the rule was created.
- description String
- The description of the rule.
- eventSource String
- The event source of the rule.
- excludeResource StringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters Map<String,String>
- The settings of the input parameters for the rule.
- maximumExecution StringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- modifiedTimestamp Integer
- The timestamp when the rule was last modified.
- regionIds StringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup StringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes List<String>Scopes 
- The types of the resources to be evaluated against the rule.
- riskLevel Integer
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName String
- The name of the rule.
- scopeCompliance StringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail StringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceIdentifier String
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceMaximum StringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- sourceOwner String
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey StringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue StringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- accountId number
- The ID of Alicloud account.
- compliance
RuleCompliance 
- compliance information.
- compliancePack stringId 
- Compliance Package ID.
- configRule stringArn 
- config rule arn.
- configRule stringId 
- The ID of the rule.
- configRule stringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- createTime number
- The timestamp when the rule was created.
- description string
- The description of the rule.
- eventSource string
- The event source of the rule.
- excludeResource stringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters {[key: string]: string}
- The settings of the input parameters for the rule.
- maximumExecution stringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- modifiedTimestamp number
- The timestamp when the rule was last modified.
- regionIds stringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup stringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes string[]Scopes 
- The types of the resources to be evaluated against the rule.
- riskLevel number
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName string
- The name of the rule.
- scopeCompliance stringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail stringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceIdentifier string
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceMaximum stringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- sourceOwner string
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- status string
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey stringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue stringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- account_id int
- The ID of Alicloud account.
- compliance
RuleCompliance Args 
- compliance information.
- compliance_pack_ strid 
- Compliance Package ID.
- config_rule_ strarn 
- config rule arn.
- config_rule_ strid 
- The ID of the rule.
- config_rule_ strtrigger_ types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- create_time int
- The timestamp when the rule was created.
- description str
- The description of the rule.
- event_source str
- The event source of the rule.
- exclude_resource_ strids_ scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- input_parameters Mapping[str, str]
- The settings of the input parameters for the rule.
- maximum_execution_ strfrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- modified_timestamp int
- The timestamp when the rule was last modified.
- region_ids_ strscope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resource_group_ strids_ scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resource_types_ Sequence[str]scopes 
- The types of the resources to be evaluated against the rule.
- risk_level int
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- rule_name str
- The name of the rule.
- scope_compliance_ strresource_ types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- source_detail_ strmessage_ type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- source_identifier str
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- source_maximum_ strexecution_ frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- source_owner str
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- status str
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tag_key_ strscope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tag_value_ strscope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
- accountId Number
- The ID of Alicloud account.
- compliance Property Map
- compliance information.
- compliancePack StringId 
- Compliance Package ID.
- configRule StringArn 
- config rule arn.
- configRule StringId 
- The ID of the rule.
- configRule StringTrigger Types 
- The trigger type of the rule. Valid values: ConfigurationItemChangeNotification: The rule is triggered upon configuration changes.ScheduledNotification: The rule is triggered as scheduled.
- createTime Number
- The timestamp when the rule was created.
- description String
- The description of the rule.
- eventSource String
- The event source of the rule.
- excludeResource StringIds Scope 
- The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.
- inputParameters Map<String>
- The settings of the input parameters for the rule.
- maximumExecution StringFrequency 
- The frequency of the compliance evaluations, it is required if the ConfigRuleTriggerTypes value is ScheduledNotification. Valid values: One_Hour,Three_Hours,Six_Hours,Twelve_Hours,TwentyFour_Hours.
- modifiedTimestamp Number
- The timestamp when the rule was last modified.
- regionIds StringScope 
- The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.
- resourceGroup StringIds Scope 
- The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.
- resourceTypes List<String>Scopes 
- The types of the resources to be evaluated against the rule.
- riskLevel Number
- The risk level of the resources that are not compliant with the rule. Valid values: 1: critical2: warning3: info
- ruleName String
- The name of the rule.
- scopeCompliance StringResource Types 
- Field 'scope_compliance_resource_types' has been deprecated from provider version 1.124.1. New field 'resource_types_scope' instead.
- sourceDetail StringMessage Type 
- Field 'source_detail_message_type' has been deprecated from provider version 1.124.1. New field 'config_rule_trigger_types' instead.
- sourceIdentifier String
- The identifier of the rule. For a managed rule, the value is the name of the managed rule. For a custom rule, the value is the ARN of the custom rule.
- sourceMaximum StringExecution Frequency 
- Field 'source_maximum_execution_frequency' has been deprecated from provider version 1.124.1. New field 'maximum_execution_frequency' instead.
- sourceOwner String
- Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values: CUSTOM_FC: The rule is a custom rule and you own the rule.ALIYUN: The rule is a managed rule and Alibaba Cloud owns the rule
- status String
- The status of the rule. Valid values: ACTIVE: The rule is monitoring the configurations of target resources. DELETING_RESULTS: The compliance evaluation result returned by the rule is being deleted. EVALUATING: The rule is triggered and is evaluating whether the configurations of target resources are compliant. INACTIVE: The rule is disabled from monitoring the configurations of target resources.
- tagKey StringScope 
- The rule monitors the tag key, only applies to rules created based on managed rules.
- tagValue StringScope 
- The rule monitors the tag value, only applies to rules created based on managed rules. - The following arguments will be discarded. Please use new fields as soon as possible: 
Supporting Types
RuleCompliance, RuleComplianceArgs    
- ComplianceType string
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- Count int
- The count of compliance.
- ComplianceType string
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- Count int
- The count of compliance.
- complianceType String
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- count Integer
- The count of compliance.
- complianceType string
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- count number
- The count of compliance.
- compliance_type str
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- count int
- The count of compliance.
- complianceType String
- The type of compliance. Valid values: COMPLIANT,NON_COMPLIANT,NOT_APPLICABLE,INSUFFICIENT_DATA.
- count Number
- The count of compliance.
Import
Config Rule can be imported using the id, e.g.
$ pulumi import alicloud:cfg/rule:Rule example <id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the alicloudTerraform Provider.