| Copyright | (c) 2013-2023 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Amazonka.Config.PutConfigRule
Description
Adds or updates an Config rule to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many Config rules you can have per account, see Service Limits in the Config Developer Guide.
There are two types of rules: Config Custom Rules and Config Managed
Rules. You can use PutConfigRule to create both Config custom rules
and Config managed rules.
Custom rules are rules that you can create using either Guard or Lambda
functions. Guard
(Guard GitHub Repository)
is a policy-as-code language that allows you to write policies that are
enforced by Config Custom Policy rules. Lambda uses custom code that you
upload to evaluate a custom rule. If you are adding a new Custom Lambda
rule, you first need to create an Lambda function that the rule invokes
to evaluate your resources. When you use PutConfigRule to add a Custom
Lambda rule to Config, you must specify the Amazon Resource Name (ARN)
that Lambda assigns to the function. You specify the ARN in the
SourceIdentifier key. This key is part of the Source object, which
is part of the ConfigRule object.
Managed rules are predefined, customizable rules created by Config. For
a list of managed rules, see
List of Config Managed Rules.
If you are adding an Config managed rule, you must specify the rule's
identifier for the SourceIdentifier key.
For any new rule that you add, specify the ConfigRuleName in the
ConfigRule object. Do not specify the ConfigRuleArn or the
ConfigRuleId. These values are generated by Config for new rules.
If you are updating a rule that you added previously, you can specify
the rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the
ConfigRule data type that you use in this request.
For more information about developing and using Config rules, see Evaluating Amazon Web Services resource Configurations with Config in the Config Developer Guide.
Synopsis
- data PutConfigRule = PutConfigRule' {
- tags :: Maybe [Tag]
- configRule :: ConfigRule
- newPutConfigRule :: ConfigRule -> PutConfigRule
- putConfigRule_tags :: Lens' PutConfigRule (Maybe [Tag])
- putConfigRule_configRule :: Lens' PutConfigRule ConfigRule
- data PutConfigRuleResponse = PutConfigRuleResponse' {
- newPutConfigRuleResponse :: PutConfigRuleResponse
Creating a Request
data PutConfigRule Source #
See: newPutConfigRule smart constructor.
Constructors
| PutConfigRule' | |
Fields
| |
Instances
Arguments
| :: ConfigRule | |
| -> PutConfigRule |
Create a value of PutConfigRule with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
PutConfigRule, putConfigRule_tags - An array of tag object.
$sel:configRule:PutConfigRule', putConfigRule_configRule - The rule that you want to add to your account.
Request Lenses
putConfigRule_tags :: Lens' PutConfigRule (Maybe [Tag]) Source #
An array of tag object.
putConfigRule_configRule :: Lens' PutConfigRule ConfigRule Source #
The rule that you want to add to your account.
Destructuring the Response
data PutConfigRuleResponse Source #
See: newPutConfigRuleResponse smart constructor.
Constructors
| PutConfigRuleResponse' | |
Instances
newPutConfigRuleResponse :: PutConfigRuleResponse Source #
Create a value of PutConfigRuleResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.