AWS Config ConfigRule Scope

Scope is a property of the AWS::Config::ConfigRule resource that specifies which AWS resources will trigger AWS Config to run an evaluation when their configurations change. The scope can include one or more resource types, a tag key and value, or one resource type and one resource ID. You cannot specify a tag-key value and a resource ID or type.

Syntax

JSON


{
  "ComplianceResourceId" : String,
  "ComplianceResourceTypes" : [ String, ... ],
  "TagKey" : String,
  "TagValue" : String
}

YAML


ComplianceResourceId: String
ComplianceResourceTypes:
  - String
TagKey: String
TagValue: String

Properties

ComplianceResourceId

The ID of an AWS resource that you want AWS Config to evaluate against a rule. If you specify an ID, you must also specify a resource type for the ComplianceResourceTypes property.

Required: No

Type: String

ComplianceResourceTypes

The types of AWS resources that you want AWS Config to evaluate against the rule. If you specify the ComplianceResourceId property, specify only one resource type. For more information, see Supported Resources, Configuration Items, and Relationships.

Required: Conditional. If you specify a value for the ComplianceResourceId property, you must also specify this property.

Type: List of String values

TagKey

The tag key that is applied to the AWS resources that you want AWS Config to evaluate against the rule.

Required: Conditional. If you specify a tag value, you must specify this property.

Type: String

TagValue

The tag value that is applied to the AWS resources that you want AWS Config to evaluate against the rule.

Required: Conditional. If you specify a tag key, you must specify this property.

Type: String

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

« Previous Next »