awsconfig

package
v1.145.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 19, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AccessKeysRotated_IsConstruct 

func AccessKeysRotated_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func AccessKeysRotated_IsResource 

func AccessKeysRotated_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func CfnAggregationAuthorization_CFN_RESOURCE_TYPE_NAME 

func CfnAggregationAuthorization_CFN_RESOURCE_TYPE_NAME() *string

func CfnAggregationAuthorization_IsCfnElement 

func CfnAggregationAuthorization_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnAggregationAuthorization_IsCfnResource 

func CfnAggregationAuthorization_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnAggregationAuthorization_IsConstruct 

func CfnAggregationAuthorization_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnConfigRule_CFN_RESOURCE_TYPE_NAME 

func CfnConfigRule_CFN_RESOURCE_TYPE_NAME() *string

func CfnConfigRule_IsCfnElement 

func CfnConfigRule_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnConfigRule_IsCfnResource 

func CfnConfigRule_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnConfigRule_IsConstruct 

func CfnConfigRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnConfigurationAggregator_CFN_RESOURCE_TYPE_NAME 

func CfnConfigurationAggregator_CFN_RESOURCE_TYPE_NAME() *string

func CfnConfigurationAggregator_IsCfnElement 

func CfnConfigurationAggregator_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnConfigurationAggregator_IsCfnResource 

func CfnConfigurationAggregator_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnConfigurationAggregator_IsConstruct 

func CfnConfigurationAggregator_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnConfigurationRecorder_CFN_RESOURCE_TYPE_NAME 

func CfnConfigurationRecorder_CFN_RESOURCE_TYPE_NAME() *string

func CfnConfigurationRecorder_IsCfnElement 

func CfnConfigurationRecorder_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnConfigurationRecorder_IsCfnResource 

func CfnConfigurationRecorder_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnConfigurationRecorder_IsConstruct 

func CfnConfigurationRecorder_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnConformancePack_CFN_RESOURCE_TYPE_NAME 

func CfnConformancePack_CFN_RESOURCE_TYPE_NAME() *string

func CfnConformancePack_IsCfnElement 

func CfnConformancePack_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnConformancePack_IsCfnResource 

func CfnConformancePack_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnConformancePack_IsConstruct 

func CfnConformancePack_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnDeliveryChannel_CFN_RESOURCE_TYPE_NAME 

func CfnDeliveryChannel_CFN_RESOURCE_TYPE_NAME() *string

func CfnDeliveryChannel_IsCfnElement 

func CfnDeliveryChannel_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnDeliveryChannel_IsCfnResource 

func CfnDeliveryChannel_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnDeliveryChannel_IsConstruct 

func CfnDeliveryChannel_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnOrganizationConfigRule_CFN_RESOURCE_TYPE_NAME 

func CfnOrganizationConfigRule_CFN_RESOURCE_TYPE_NAME() *string

func CfnOrganizationConfigRule_IsCfnElement 

func CfnOrganizationConfigRule_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnOrganizationConfigRule_IsCfnResource 

func CfnOrganizationConfigRule_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnOrganizationConfigRule_IsConstruct 

func CfnOrganizationConfigRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnOrganizationConformancePack_CFN_RESOURCE_TYPE_NAME 

func CfnOrganizationConformancePack_CFN_RESOURCE_TYPE_NAME() *string

func CfnOrganizationConformancePack_IsCfnElement 

func CfnOrganizationConformancePack_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnOrganizationConformancePack_IsCfnResource 

func CfnOrganizationConformancePack_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnOrganizationConformancePack_IsConstruct 

func CfnOrganizationConformancePack_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnRemediationConfiguration_CFN_RESOURCE_TYPE_NAME 

func CfnRemediationConfiguration_CFN_RESOURCE_TYPE_NAME() *string

func CfnRemediationConfiguration_IsCfnElement 

func CfnRemediationConfiguration_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnRemediationConfiguration_IsCfnResource 

func CfnRemediationConfiguration_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnRemediationConfiguration_IsConstruct 

func CfnRemediationConfiguration_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnStoredQuery_CFN_RESOURCE_TYPE_NAME 

func CfnStoredQuery_CFN_RESOURCE_TYPE_NAME() *string

func CfnStoredQuery_IsCfnElement 

func CfnStoredQuery_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnStoredQuery_IsCfnResource 

func CfnStoredQuery_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnStoredQuery_IsConstruct 

func CfnStoredQuery_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CloudFormationStackDriftDetectionCheck_IsConstruct 

func CloudFormationStackDriftDetectionCheck_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CloudFormationStackDriftDetectionCheck_IsResource 

func CloudFormationStackDriftDetectionCheck_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func CloudFormationStackNotificationCheck_IsConstruct 

func CloudFormationStackNotificationCheck_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CloudFormationStackNotificationCheck_IsResource 

func CloudFormationStackNotificationCheck_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func CustomRule_IsConstruct 

func CustomRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CustomRule_IsResource 

func CustomRule_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ManagedRuleIdentifiers_ACCESS_KEYS_ROTATED 

func ManagedRuleIdentifiers_ACCESS_KEYS_ROTATED() *string

func ManagedRuleIdentifiers_ACCOUNT_PART_OF_ORGANIZATIONS 

func ManagedRuleIdentifiers_ACCOUNT_PART_OF_ORGANIZATIONS() *string

func ManagedRuleIdentifiers_ACM_CERTIFICATE_EXPIRATION_CHECK 

func ManagedRuleIdentifiers_ACM_CERTIFICATE_EXPIRATION_CHECK() *string

func ManagedRuleIdentifiers_ALB_HTTP_DROP_INVALID_HEADER_ENABLED 

func ManagedRuleIdentifiers_ALB_HTTP_DROP_INVALID_HEADER_ENABLED() *string

func ManagedRuleIdentifiers_ALB_HTTP_TO_HTTPS_REDIRECTION_CHECK 

func ManagedRuleIdentifiers_ALB_HTTP_TO_HTTPS_REDIRECTION_CHECK() *string

func ManagedRuleIdentifiers_ALB_WAF_ENABLED 

func ManagedRuleIdentifiers_ALB_WAF_ENABLED() *string

func ManagedRuleIdentifiers_API_GW_CACHE_ENABLED_AND_ENCRYPTED 

func ManagedRuleIdentifiers_API_GW_CACHE_ENABLED_AND_ENCRYPTED() *string

func ManagedRuleIdentifiers_API_GW_ENDPOINT_TYPE_CHECK 

func ManagedRuleIdentifiers_API_GW_ENDPOINT_TYPE_CHECK() *string

func ManagedRuleIdentifiers_API_GW_EXECUTION_LOGGING_ENABLED 

func ManagedRuleIdentifiers_API_GW_EXECUTION_LOGGING_ENABLED() *string

func ManagedRuleIdentifiers_APPROVED_AMIS_BY_ID 

func ManagedRuleIdentifiers_APPROVED_AMIS_BY_ID() *string

func ManagedRuleIdentifiers_APPROVED_AMIS_BY_TAG 

func ManagedRuleIdentifiers_APPROVED_AMIS_BY_TAG() *string

func ManagedRuleIdentifiers_AUTOSCALING_GROUP_ELB_HEALTHCHECK_REQUIRED 

func ManagedRuleIdentifiers_AUTOSCALING_GROUP_ELB_HEALTHCHECK_REQUIRED() *string

func ManagedRuleIdentifiers_CLOUDFORMATION_STACK_DRIFT_DETECTION_CHECK 

func ManagedRuleIdentifiers_CLOUDFORMATION_STACK_DRIFT_DETECTION_CHECK() *string

func ManagedRuleIdentifiers_CLOUDFORMATION_STACK_NOTIFICATION_CHECK 

func ManagedRuleIdentifiers_CLOUDFORMATION_STACK_NOTIFICATION_CHECK() *string

func ManagedRuleIdentifiers_CLOUDFRONT_DEFAULT_ROOT_OBJECT_CONFIGURED 

func ManagedRuleIdentifiers_CLOUDFRONT_DEFAULT_ROOT_OBJECT_CONFIGURED() *string

func ManagedRuleIdentifiers_CLOUDFRONT_ORIGIN_ACCESS_IDENTITY_ENABLED 

func ManagedRuleIdentifiers_CLOUDFRONT_ORIGIN_ACCESS_IDENTITY_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDFRONT_ORIGIN_FAILOVER_ENABLED 

func ManagedRuleIdentifiers_CLOUDFRONT_ORIGIN_FAILOVER_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDFRONT_SNI_ENABLED 

func ManagedRuleIdentifiers_CLOUDFRONT_SNI_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDFRONT_VIEWER_POLICY_HTTPS 

func ManagedRuleIdentifiers_CLOUDFRONT_VIEWER_POLICY_HTTPS() *string

func ManagedRuleIdentifiers_CLOUDTRAIL_MULTI_REGION_ENABLED 

func ManagedRuleIdentifiers_CLOUDTRAIL_MULTI_REGION_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDTRAIL_S3_DATAEVENTS_ENABLED 

func ManagedRuleIdentifiers_CLOUDTRAIL_S3_DATAEVENTS_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDTRAIL_SECURITY_TRAIL_ENABLED 

func ManagedRuleIdentifiers_CLOUDTRAIL_SECURITY_TRAIL_ENABLED() *string

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_ACTION_CHECK 

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_ACTION_CHECK() *string

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_RESOURCE_CHECK 

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_RESOURCE_CHECK() *string

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_SETTINGS_CHECK 

func ManagedRuleIdentifiers_CLOUDWATCH_ALARM_SETTINGS_CHECK() *string

func ManagedRuleIdentifiers_CLOUDWATCH_LOG_GROUP_ENCRYPTED 

func ManagedRuleIdentifiers_CLOUDWATCH_LOG_GROUP_ENCRYPTED() *string

func ManagedRuleIdentifiers_CLOUD_TRAIL_CLOUD_WATCH_LOGS_ENABLED 

func ManagedRuleIdentifiers_CLOUD_TRAIL_CLOUD_WATCH_LOGS_ENABLED() *string

func ManagedRuleIdentifiers_CLOUD_TRAIL_ENABLED 

func ManagedRuleIdentifiers_CLOUD_TRAIL_ENABLED() *string

func ManagedRuleIdentifiers_CLOUD_TRAIL_ENCRYPTION_ENABLED 

func ManagedRuleIdentifiers_CLOUD_TRAIL_ENCRYPTION_ENABLED() *string

func ManagedRuleIdentifiers_CLOUD_TRAIL_LOG_FILE_VALIDATION_ENABLED 

func ManagedRuleIdentifiers_CLOUD_TRAIL_LOG_FILE_VALIDATION_ENABLED() *string

func ManagedRuleIdentifiers_CMK_BACKING_KEY_ROTATION_ENABLED 

func ManagedRuleIdentifiers_CMK_BACKING_KEY_ROTATION_ENABLED() *string

func ManagedRuleIdentifiers_CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK 

func ManagedRuleIdentifiers_CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK() *string

func ManagedRuleIdentifiers_CODEBUILD_PROJECT_SOURCE_REPO_URL_CHECK 

func ManagedRuleIdentifiers_CODEBUILD_PROJECT_SOURCE_REPO_URL_CHECK() *string

func ManagedRuleIdentifiers_CODEPIPELINE_DEPLOYMENT_COUNT_CHECK 

func ManagedRuleIdentifiers_CODEPIPELINE_DEPLOYMENT_COUNT_CHECK() *string

func ManagedRuleIdentifiers_CODEPIPELINE_REGION_FANOUT_CHECK 

func ManagedRuleIdentifiers_CODEPIPELINE_REGION_FANOUT_CHECK() *string

func ManagedRuleIdentifiers_CW_LOGGROUP_RETENTION_PERIOD_CHECK 

func ManagedRuleIdentifiers_CW_LOGGROUP_RETENTION_PERIOD_CHECK() *string

func ManagedRuleIdentifiers_DAX_ENCRYPTION_ENABLED 

func ManagedRuleIdentifiers_DAX_ENCRYPTION_ENABLED() *string

func ManagedRuleIdentifiers_DMS_REPLICATION_NOT_PUBLIC 

func ManagedRuleIdentifiers_DMS_REPLICATION_NOT_PUBLIC() *string

func ManagedRuleIdentifiers_DYNAMODB_AUTOSCALING_ENABLED 

func ManagedRuleIdentifiers_DYNAMODB_AUTOSCALING_ENABLED() *string

func ManagedRuleIdentifiers_DYNAMODB_IN_BACKUP_PLAN 

func ManagedRuleIdentifiers_DYNAMODB_IN_BACKUP_PLAN() *string

func ManagedRuleIdentifiers_DYNAMODB_PITR_ENABLED 

func ManagedRuleIdentifiers_DYNAMODB_PITR_ENABLED() *string

func ManagedRuleIdentifiers_DYNAMODB_TABLE_ENCRYPTED_KMS 

func ManagedRuleIdentifiers_DYNAMODB_TABLE_ENCRYPTED_KMS() *string

func ManagedRuleIdentifiers_DYNAMODB_TABLE_ENCRYPTION_ENABLED 

func ManagedRuleIdentifiers_DYNAMODB_TABLE_ENCRYPTION_ENABLED() *string

func ManagedRuleIdentifiers_DYNAMODB_THROUGHPUT_LIMIT_CHECK 

func ManagedRuleIdentifiers_DYNAMODB_THROUGHPUT_LIMIT_CHECK() *string

func ManagedRuleIdentifiers_EBS_ENCRYPTED_VOLUMES 

func ManagedRuleIdentifiers_EBS_ENCRYPTED_VOLUMES() *string

func ManagedRuleIdentifiers_EBS_IN_BACKUP_PLAN 

func ManagedRuleIdentifiers_EBS_IN_BACKUP_PLAN() *string

func ManagedRuleIdentifiers_EBS_OPTIMIZED_INSTANCE 

func ManagedRuleIdentifiers_EBS_OPTIMIZED_INSTANCE() *string

func ManagedRuleIdentifiers_EBS_SNAPSHOT_PUBLIC_RESTORABLE_CHECK 

func ManagedRuleIdentifiers_EBS_SNAPSHOT_PUBLIC_RESTORABLE_CHECK() *string

func ManagedRuleIdentifiers_EC2_DESIRED_INSTANCE_TENANCY 

func ManagedRuleIdentifiers_EC2_DESIRED_INSTANCE_TENANCY() *string

func ManagedRuleIdentifiers_EC2_DESIRED_INSTANCE_TYPE 

func ManagedRuleIdentifiers_EC2_DESIRED_INSTANCE_TYPE() *string

func ManagedRuleIdentifiers_EC2_EBS_ENCRYPTION_BY_DEFAULT 

func ManagedRuleIdentifiers_EC2_EBS_ENCRYPTION_BY_DEFAULT() *string

func ManagedRuleIdentifiers_EC2_IMDSV2_CHECK 

func ManagedRuleIdentifiers_EC2_IMDSV2_CHECK() *string

func ManagedRuleIdentifiers_EC2_INSTANCES_IN_VPC 

func ManagedRuleIdentifiers_EC2_INSTANCES_IN_VPC() *string

func ManagedRuleIdentifiers_EC2_INSTANCE_DETAILED_MONITORING_ENABLED 

func ManagedRuleIdentifiers_EC2_INSTANCE_DETAILED_MONITORING_ENABLED() *string

func ManagedRuleIdentifiers_EC2_INSTANCE_MANAGED_BY_SSM 

func ManagedRuleIdentifiers_EC2_INSTANCE_MANAGED_BY_SSM() *string

func ManagedRuleIdentifiers_EC2_INSTANCE_NO_PUBLIC_IP 

func ManagedRuleIdentifiers_EC2_INSTANCE_NO_PUBLIC_IP() *string

func ManagedRuleIdentifiers_EC2_INSTANCE_PROFILE_ATTACHED 

func ManagedRuleIdentifiers_EC2_INSTANCE_PROFILE_ATTACHED() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_APPLICATIONS_BLOCKED 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_APPLICATIONS_BLOCKED() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_APPLICATIONS_REQUIRED 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_APPLICATIONS_REQUIRED() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_ASSOCIATION_COMPLIANCE_STATUS_CHECK 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_ASSOCIATION_COMPLIANCE_STATUS_CHECK() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_INVENTORY_BLOCKED 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_INVENTORY_BLOCKED() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_PATCH_COMPLIANCE_STATUS_CHECK 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_PATCH_COMPLIANCE_STATUS_CHECK() *string

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_PLATFORM_CHECK 

func ManagedRuleIdentifiers_EC2_MANAGED_INSTANCE_PLATFORM_CHECK() *string

func ManagedRuleIdentifiers_EC2_SECURITY_GROUPS_INCOMING_SSH_DISABLED 

func ManagedRuleIdentifiers_EC2_SECURITY_GROUPS_INCOMING_SSH_DISABLED() *string

func ManagedRuleIdentifiers_EC2_SECURITY_GROUPS_RESTRICTED_INCOMING_TRAFFIC 

func ManagedRuleIdentifiers_EC2_SECURITY_GROUPS_RESTRICTED_INCOMING_TRAFFIC() *string

func ManagedRuleIdentifiers_EC2_SECURITY_GROUP_ATTACHED_TO_ENI 

func ManagedRuleIdentifiers_EC2_SECURITY_GROUP_ATTACHED_TO_ENI() *string

func ManagedRuleIdentifiers_EC2_STOPPED_INSTANCE 

func ManagedRuleIdentifiers_EC2_STOPPED_INSTANCE() *string

func ManagedRuleIdentifiers_EC2_VOLUME_INUSE_CHECK 

func ManagedRuleIdentifiers_EC2_VOLUME_INUSE_CHECK() *string

func ManagedRuleIdentifiers_EFS_ENCRYPTED_CHECK 

func ManagedRuleIdentifiers_EFS_ENCRYPTED_CHECK() *string

func ManagedRuleIdentifiers_EFS_IN_BACKUP_PLAN 

func ManagedRuleIdentifiers_EFS_IN_BACKUP_PLAN() *string

func ManagedRuleIdentifiers_EIP_ATTACHED 

func ManagedRuleIdentifiers_EIP_ATTACHED() *string

func ManagedRuleIdentifiers_EKS_ENDPOINT_NO_PUBLIC_ACCESS 

func ManagedRuleIdentifiers_EKS_ENDPOINT_NO_PUBLIC_ACCESS() *string

func ManagedRuleIdentifiers_EKS_SECRETS_ENCRYPTED 

func ManagedRuleIdentifiers_EKS_SECRETS_ENCRYPTED() *string

func ManagedRuleIdentifiers_ELASTICACHE_REDIS_CLUSTER_AUTOMATIC_BACKUP_CHECK 

func ManagedRuleIdentifiers_ELASTICACHE_REDIS_CLUSTER_AUTOMATIC_BACKUP_CHECK() *string

func ManagedRuleIdentifiers_ELASTICSEARCH_ENCRYPTED_AT_REST 

func ManagedRuleIdentifiers_ELASTICSEARCH_ENCRYPTED_AT_REST() *string

func ManagedRuleIdentifiers_ELASTICSEARCH_IN_VPC_ONLY 

func ManagedRuleIdentifiers_ELASTICSEARCH_IN_VPC_ONLY() *string

func ManagedRuleIdentifiers_ELASTICSEARCH_NODE_TO_NODE_ENCRYPTION_CHECK 

func ManagedRuleIdentifiers_ELASTICSEARCH_NODE_TO_NODE_ENCRYPTION_CHECK() *string

func ManagedRuleIdentifiers_ELB_ACM_CERTIFICATE_REQUIRED 

func ManagedRuleIdentifiers_ELB_ACM_CERTIFICATE_REQUIRED() *string

func ManagedRuleIdentifiers_ELB_CROSS_ZONE_LOAD_BALANCING_ENABLED 

func ManagedRuleIdentifiers_ELB_CROSS_ZONE_LOAD_BALANCING_ENABLED() *string

func ManagedRuleIdentifiers_ELB_CUSTOM_SECURITY_POLICY_SSL_CHECK 

func ManagedRuleIdentifiers_ELB_CUSTOM_SECURITY_POLICY_SSL_CHECK() *string

func ManagedRuleIdentifiers_ELB_DELETION_PROTECTION_ENABLED 

func ManagedRuleIdentifiers_ELB_DELETION_PROTECTION_ENABLED() *string

func ManagedRuleIdentifiers_ELB_LOGGING_ENABLED 

func ManagedRuleIdentifiers_ELB_LOGGING_ENABLED() *string

func ManagedRuleIdentifiers_ELB_PREDEFINED_SECURITY_POLICY_SSL_CHECK 

func ManagedRuleIdentifiers_ELB_PREDEFINED_SECURITY_POLICY_SSL_CHECK() *string

func ManagedRuleIdentifiers_ELB_TLS_HTTPS_LISTENERS_ONLY 

func ManagedRuleIdentifiers_ELB_TLS_HTTPS_LISTENERS_ONLY() *string

func ManagedRuleIdentifiers_EMR_KERBEROS_ENABLED 

func ManagedRuleIdentifiers_EMR_KERBEROS_ENABLED() *string

func ManagedRuleIdentifiers_EMR_MASTER_NO_PUBLIC_IP 

func ManagedRuleIdentifiers_EMR_MASTER_NO_PUBLIC_IP() *string

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_AUDIT_POLICY_CHECK 

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_AUDIT_POLICY_CHECK() *string

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_CONTENT_CHECK 

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_CONTENT_CHECK() *string

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_RESOURCE_ASSOCIATION_CHECK 

func ManagedRuleIdentifiers_FMS_SECURITY_GROUP_RESOURCE_ASSOCIATION_CHECK() *string

func ManagedRuleIdentifiers_FMS_SHIELD_RESOURCE_POLICY_CHECK 

func ManagedRuleIdentifiers_FMS_SHIELD_RESOURCE_POLICY_CHECK() *string

func ManagedRuleIdentifiers_FMS_WEBACL_RESOURCE_POLICY_CHECK 

func ManagedRuleIdentifiers_FMS_WEBACL_RESOURCE_POLICY_CHECK() *string

func ManagedRuleIdentifiers_FMS_WEBACL_RULEGROUP_ASSOCIATION_CHECK 

func ManagedRuleIdentifiers_FMS_WEBACL_RULEGROUP_ASSOCIATION_CHECK() *string

func ManagedRuleIdentifiers_GUARDDUTY_ENABLED_CENTRALIZED 

func ManagedRuleIdentifiers_GUARDDUTY_ENABLED_CENTRALIZED() *string

func ManagedRuleIdentifiers_GUARDDUTY_NON_ARCHIVED_FINDINGS 

func ManagedRuleIdentifiers_GUARDDUTY_NON_ARCHIVED_FINDINGS() *string

func ManagedRuleIdentifiers_IAM_CUSTOMER_POLICY_BLOCKED_KMS_ACTIONS 

func ManagedRuleIdentifiers_IAM_CUSTOMER_POLICY_BLOCKED_KMS_ACTIONS() *string

func ManagedRuleIdentifiers_IAM_GROUP_HAS_USERS_CHECK 

func ManagedRuleIdentifiers_IAM_GROUP_HAS_USERS_CHECK() *string

func ManagedRuleIdentifiers_IAM_INLINE_POLICY_BLOCKED_KMS_ACTIONS 

func ManagedRuleIdentifiers_IAM_INLINE_POLICY_BLOCKED_KMS_ACTIONS() *string

func ManagedRuleIdentifiers_IAM_NO_INLINE_POLICY_CHECK 

func ManagedRuleIdentifiers_IAM_NO_INLINE_POLICY_CHECK() *string

func ManagedRuleIdentifiers_IAM_PASSWORD_POLICY 

func ManagedRuleIdentifiers_IAM_PASSWORD_POLICY() *string

func ManagedRuleIdentifiers_IAM_POLICY_BLOCKED_CHECK 

func ManagedRuleIdentifiers_IAM_POLICY_BLOCKED_CHECK() *string

func ManagedRuleIdentifiers_IAM_POLICY_IN_USE 

func ManagedRuleIdentifiers_IAM_POLICY_IN_USE() *string

func ManagedRuleIdentifiers_IAM_POLICY_NO_STATEMENTS_WITH_ADMIN_ACCESS 

func ManagedRuleIdentifiers_IAM_POLICY_NO_STATEMENTS_WITH_ADMIN_ACCESS() *string

func ManagedRuleIdentifiers_IAM_ROLE_MANAGED_POLICY_CHECK 

func ManagedRuleIdentifiers_IAM_ROLE_MANAGED_POLICY_CHECK() *string

func ManagedRuleIdentifiers_IAM_ROOT_ACCESS_KEY_CHECK 

func ManagedRuleIdentifiers_IAM_ROOT_ACCESS_KEY_CHECK() *string

func ManagedRuleIdentifiers_IAM_USER_GROUP_MEMBERSHIP_CHECK 

func ManagedRuleIdentifiers_IAM_USER_GROUP_MEMBERSHIP_CHECK() *string

func ManagedRuleIdentifiers_IAM_USER_MFA_ENABLED 

func ManagedRuleIdentifiers_IAM_USER_MFA_ENABLED() *string

func ManagedRuleIdentifiers_IAM_USER_NO_POLICIES_CHECK 

func ManagedRuleIdentifiers_IAM_USER_NO_POLICIES_CHECK() *string

func ManagedRuleIdentifiers_IAM_USER_UNUSED_CREDENTIALS_CHECK 

func ManagedRuleIdentifiers_IAM_USER_UNUSED_CREDENTIALS_CHECK() *string

func ManagedRuleIdentifiers_INTERNET_GATEWAY_AUTHORIZED_VPC_ONLY 

func ManagedRuleIdentifiers_INTERNET_GATEWAY_AUTHORIZED_VPC_ONLY() *string

func ManagedRuleIdentifiers_KMS_CMK_NOT_SCHEDULED_FOR_DELETION 

func ManagedRuleIdentifiers_KMS_CMK_NOT_SCHEDULED_FOR_DELETION() *string

func ManagedRuleIdentifiers_LAMBDA_CONCURRENCY_CHECK 

func ManagedRuleIdentifiers_LAMBDA_CONCURRENCY_CHECK() *string

func ManagedRuleIdentifiers_LAMBDA_DLQ_CHECK 

func ManagedRuleIdentifiers_LAMBDA_DLQ_CHECK() *string

func ManagedRuleIdentifiers_LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED 

func ManagedRuleIdentifiers_LAMBDA_FUNCTION_PUBLIC_ACCESS_PROHIBITED() *string

func ManagedRuleIdentifiers_LAMBDA_FUNCTION_SETTINGS_CHECK 

func ManagedRuleIdentifiers_LAMBDA_FUNCTION_SETTINGS_CHECK() *string

func ManagedRuleIdentifiers_LAMBDA_INSIDE_VPC 

func ManagedRuleIdentifiers_LAMBDA_INSIDE_VPC() *string

func ManagedRuleIdentifiers_MFA_ENABLED_FOR_IAM_CONSOLE_ACCESS 

func ManagedRuleIdentifiers_MFA_ENABLED_FOR_IAM_CONSOLE_ACCESS() *string

func ManagedRuleIdentifiers_RDS_CLUSTER_DELETION_PROTECTION_ENABLED 

func ManagedRuleIdentifiers_RDS_CLUSTER_DELETION_PROTECTION_ENABLED() *string

func ManagedRuleIdentifiers_RDS_DB_INSTANCE_BACKUP_ENABLED 

func ManagedRuleIdentifiers_RDS_DB_INSTANCE_BACKUP_ENABLED() *string

func ManagedRuleIdentifiers_RDS_ENHANCED_MONITORING_ENABLED 

func ManagedRuleIdentifiers_RDS_ENHANCED_MONITORING_ENABLED() *string

func ManagedRuleIdentifiers_RDS_INSTANCE_DELETION_PROTECTION_ENABLED 

func ManagedRuleIdentifiers_RDS_INSTANCE_DELETION_PROTECTION_ENABLED() *string

func ManagedRuleIdentifiers_RDS_INSTANCE_IAM_AUTHENTICATION_ENABLED 

func ManagedRuleIdentifiers_RDS_INSTANCE_IAM_AUTHENTICATION_ENABLED() *string

func ManagedRuleIdentifiers_RDS_INSTANCE_PUBLIC_ACCESS_CHECK 

func ManagedRuleIdentifiers_RDS_INSTANCE_PUBLIC_ACCESS_CHECK() *string

func ManagedRuleIdentifiers_RDS_IN_BACKUP_PLAN 

func ManagedRuleIdentifiers_RDS_IN_BACKUP_PLAN() *string

func ManagedRuleIdentifiers_RDS_LOGGING_ENABLED 

func ManagedRuleIdentifiers_RDS_LOGGING_ENABLED() *string

func ManagedRuleIdentifiers_RDS_MULTI_AZ_SUPPORT 

func ManagedRuleIdentifiers_RDS_MULTI_AZ_SUPPORT() *string

func ManagedRuleIdentifiers_RDS_SNAPSHOTS_PUBLIC_PROHIBITED 

func ManagedRuleIdentifiers_RDS_SNAPSHOTS_PUBLIC_PROHIBITED() *string

func ManagedRuleIdentifiers_RDS_SNAPSHOT_ENCRYPTED 

func ManagedRuleIdentifiers_RDS_SNAPSHOT_ENCRYPTED() *string

func ManagedRuleIdentifiers_RDS_STORAGE_ENCRYPTED 

func ManagedRuleIdentifiers_RDS_STORAGE_ENCRYPTED() *string

func ManagedRuleIdentifiers_REDSHIFT_BACKUP_ENABLED 

func ManagedRuleIdentifiers_REDSHIFT_BACKUP_ENABLED() *string

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_CONFIGURATION_CHECK 

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_CONFIGURATION_CHECK() *string

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_MAINTENANCE_SETTINGS_CHECK 

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_MAINTENANCE_SETTINGS_CHECK() *string

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_PUBLIC_ACCESS_CHECK 

func ManagedRuleIdentifiers_REDSHIFT_CLUSTER_PUBLIC_ACCESS_CHECK() *string

func ManagedRuleIdentifiers_REDSHIFT_REQUIRE_TLS_SSL 

func ManagedRuleIdentifiers_REDSHIFT_REQUIRE_TLS_SSL() *string

func ManagedRuleIdentifiers_REQUIRED_TAGS 

func ManagedRuleIdentifiers_REQUIRED_TAGS() *string

func ManagedRuleIdentifiers_ROOT_ACCOUNT_HARDWARE_MFA_ENABLED 

func ManagedRuleIdentifiers_ROOT_ACCOUNT_HARDWARE_MFA_ENABLED() *string

func ManagedRuleIdentifiers_ROOT_ACCOUNT_MFA_ENABLED 

func ManagedRuleIdentifiers_ROOT_ACCOUNT_MFA_ENABLED() *string

func ManagedRuleIdentifiers_S3_ACCOUNT_LEVEL_PUBLIC_ACCESS_BLOCKS 

func ManagedRuleIdentifiers_S3_ACCOUNT_LEVEL_PUBLIC_ACCESS_BLOCKS() *string

func ManagedRuleIdentifiers_S3_BUCKET_BLOCKED_ACTIONS_PROHIBITED 

func ManagedRuleIdentifiers_S3_BUCKET_BLOCKED_ACTIONS_PROHIBITED() *string

func ManagedRuleIdentifiers_S3_BUCKET_DEFAULT_LOCK_ENABLED 

func ManagedRuleIdentifiers_S3_BUCKET_DEFAULT_LOCK_ENABLED() *string

func ManagedRuleIdentifiers_S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED 

func ManagedRuleIdentifiers_S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED() *string

func ManagedRuleIdentifiers_S3_BUCKET_LOGGING_ENABLED 

func ManagedRuleIdentifiers_S3_BUCKET_LOGGING_ENABLED() *string

func ManagedRuleIdentifiers_S3_BUCKET_POLICY_GRANTEE_CHECK 

func ManagedRuleIdentifiers_S3_BUCKET_POLICY_GRANTEE_CHECK() *string

func ManagedRuleIdentifiers_S3_BUCKET_POLICY_NOT_MORE_PERMISSIVE 

func ManagedRuleIdentifiers_S3_BUCKET_POLICY_NOT_MORE_PERMISSIVE() *string

func ManagedRuleIdentifiers_S3_BUCKET_PUBLIC_READ_PROHIBITED 

func ManagedRuleIdentifiers_S3_BUCKET_PUBLIC_READ_PROHIBITED() *string

func ManagedRuleIdentifiers_S3_BUCKET_PUBLIC_WRITE_PROHIBITED 

func ManagedRuleIdentifiers_S3_BUCKET_PUBLIC_WRITE_PROHIBITED() *string

func ManagedRuleIdentifiers_S3_BUCKET_REPLICATION_ENABLED 

func ManagedRuleIdentifiers_S3_BUCKET_REPLICATION_ENABLED() *string

func ManagedRuleIdentifiers_S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED 

func ManagedRuleIdentifiers_S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED() *string

func ManagedRuleIdentifiers_S3_BUCKET_SSL_REQUESTS_ONLY 

func ManagedRuleIdentifiers_S3_BUCKET_SSL_REQUESTS_ONLY() *string

func ManagedRuleIdentifiers_S3_BUCKET_VERSIONING_ENABLED 

func ManagedRuleIdentifiers_S3_BUCKET_VERSIONING_ENABLED() *string

func ManagedRuleIdentifiers_S3_DEFAULT_ENCRYPTION_KMS 

func ManagedRuleIdentifiers_S3_DEFAULT_ENCRYPTION_KMS() *string

func ManagedRuleIdentifiers_SAGEMAKER_ENDPOINT_CONFIGURATION_KMS_KEY_CONFIGURED 

func ManagedRuleIdentifiers_SAGEMAKER_ENDPOINT_CONFIGURATION_KMS_KEY_CONFIGURED() *string

func ManagedRuleIdentifiers_SAGEMAKER_NOTEBOOK_INSTANCE_KMS_KEY_CONFIGURED 

func ManagedRuleIdentifiers_SAGEMAKER_NOTEBOOK_INSTANCE_KMS_KEY_CONFIGURED() *string

func ManagedRuleIdentifiers_SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS 

func ManagedRuleIdentifiers_SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS() *string

func ManagedRuleIdentifiers_SECRETSMANAGER_ROTATION_ENABLED_CHECK 

func ManagedRuleIdentifiers_SECRETSMANAGER_ROTATION_ENABLED_CHECK() *string

func ManagedRuleIdentifiers_SECRETSMANAGER_SCHEDULED_ROTATION_SUCCESS_CHECK 

func ManagedRuleIdentifiers_SECRETSMANAGER_SCHEDULED_ROTATION_SUCCESS_CHECK() *string

func ManagedRuleIdentifiers_SECURITYHUB_ENABLED 

func ManagedRuleIdentifiers_SECURITYHUB_ENABLED() *string

func ManagedRuleIdentifiers_SERVICE_VPC_ENDPOINT_ENABLED 

func ManagedRuleIdentifiers_SERVICE_VPC_ENDPOINT_ENABLED() *string

func ManagedRuleIdentifiers_SHIELD_ADVANCED_ENABLED_AUTO_RENEW 

func ManagedRuleIdentifiers_SHIELD_ADVANCED_ENABLED_AUTO_RENEW() *string

func ManagedRuleIdentifiers_SHIELD_DRT_ACCESS 

func ManagedRuleIdentifiers_SHIELD_DRT_ACCESS() *string

func ManagedRuleIdentifiers_SNS_ENCRYPTED_KMS 

func ManagedRuleIdentifiers_SNS_ENCRYPTED_KMS() *string

func ManagedRuleIdentifiers_VPC_DEFAULT_SECURITY_GROUP_CLOSED 

func ManagedRuleIdentifiers_VPC_DEFAULT_SECURITY_GROUP_CLOSED() *string

func ManagedRuleIdentifiers_VPC_FLOW_LOGS_ENABLED 

func ManagedRuleIdentifiers_VPC_FLOW_LOGS_ENABLED() *string

func ManagedRuleIdentifiers_VPC_SG_OPEN_ONLY_TO_AUTHORIZED_PORTS 

func ManagedRuleIdentifiers_VPC_SG_OPEN_ONLY_TO_AUTHORIZED_PORTS() *string

func ManagedRuleIdentifiers_VPC_VPN_2_TUNNELS_UP 

func ManagedRuleIdentifiers_VPC_VPN_2_TUNNELS_UP() *string

func ManagedRuleIdentifiers_WAFV2_LOGGING_ENABLED 

func ManagedRuleIdentifiers_WAFV2_LOGGING_ENABLED() *string

func ManagedRuleIdentifiers_WAF_CLASSIC_LOGGING_ENABLED 

func ManagedRuleIdentifiers_WAF_CLASSIC_LOGGING_ENABLED() *string

func ManagedRule_IsConstruct 

func ManagedRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func ManagedRule_IsResource 

func ManagedRule_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func NewAccessKeysRotated_Override 

func NewAccessKeysRotated_Override(a AccessKeysRotated, scope constructs.Construct, id *string, props *AccessKeysRotatedProps)

Experimental.

func NewCfnAggregationAuthorization_Override 

func NewCfnAggregationAuthorization_Override(c CfnAggregationAuthorization, scope awscdk.Construct, id *string, props *CfnAggregationAuthorizationProps)

Create a new `AWS::Config::AggregationAuthorization`.

func NewCfnConfigRule_Override 

func NewCfnConfigRule_Override(c CfnConfigRule, scope awscdk.Construct, id *string, props *CfnConfigRuleProps)

Create a new `AWS::Config::ConfigRule`.

func NewCfnConfigurationAggregator_Override 

func NewCfnConfigurationAggregator_Override(c CfnConfigurationAggregator, scope awscdk.Construct, id *string, props *CfnConfigurationAggregatorProps)

Create a new `AWS::Config::ConfigurationAggregator`.

func NewCfnConfigurationRecorder_Override 

func NewCfnConfigurationRecorder_Override(c CfnConfigurationRecorder, scope awscdk.Construct, id *string, props *CfnConfigurationRecorderProps)

Create a new `AWS::Config::ConfigurationRecorder`.

func NewCfnConformancePack_Override 

func NewCfnConformancePack_Override(c CfnConformancePack, scope awscdk.Construct, id *string, props *CfnConformancePackProps)

Create a new `AWS::Config::ConformancePack`.

func NewCfnDeliveryChannel_Override 

func NewCfnDeliveryChannel_Override(c CfnDeliveryChannel, scope awscdk.Construct, id *string, props *CfnDeliveryChannelProps)

Create a new `AWS::Config::DeliveryChannel`.

func NewCfnOrganizationConfigRule_Override 

func NewCfnOrganizationConfigRule_Override(c CfnOrganizationConfigRule, scope awscdk.Construct, id *string, props *CfnOrganizationConfigRuleProps)

Create a new `AWS::Config::OrganizationConfigRule`.

func NewCfnOrganizationConformancePack_Override 

func NewCfnOrganizationConformancePack_Override(c CfnOrganizationConformancePack, scope awscdk.Construct, id *string, props *CfnOrganizationConformancePackProps)

Create a new `AWS::Config::OrganizationConformancePack`.

func NewCfnRemediationConfiguration_Override 

func NewCfnRemediationConfiguration_Override(c CfnRemediationConfiguration, scope awscdk.Construct, id *string, props *CfnRemediationConfigurationProps)

Create a new `AWS::Config::RemediationConfiguration`.

func NewCfnStoredQuery_Override 

func NewCfnStoredQuery_Override(c CfnStoredQuery, scope awscdk.Construct, id *string, props *CfnStoredQueryProps)

Create a new `AWS::Config::StoredQuery`.

func NewCloudFormationStackDriftDetectionCheck_Override 

func NewCloudFormationStackDriftDetectionCheck_Override(c CloudFormationStackDriftDetectionCheck, scope constructs.Construct, id *string, props *CloudFormationStackDriftDetectionCheckProps)

Experimental.

func NewCloudFormationStackNotificationCheck_Override 

func NewCloudFormationStackNotificationCheck_Override(c CloudFormationStackNotificationCheck, scope constructs.Construct, id *string, props *CloudFormationStackNotificationCheckProps)

Experimental.

func NewCustomRule_Override 

func NewCustomRule_Override(c CustomRule, scope constructs.Construct, id *string, props *CustomRuleProps)

Experimental.

func NewManagedRule_Override 

func NewManagedRule_Override(m ManagedRule, scope constructs.Construct, id *string, props *ManagedRuleProps)

Experimental.

Types

type AccessKeysRotated 

type AccessKeysRotated interface {
	ManagedRule
	ConfigRuleArn() *string
	ConfigRuleComplianceType() *string
	ConfigRuleId() *string
	ConfigRuleName() *string
	Env() *awscdk.ResourceEnvironment
	IsCustomWithChanges() *bool
	SetIsCustomWithChanges(val *bool)
	IsManaged() *bool
	SetIsManaged(val *bool)
	Node() awscdk.ConstructNode
	PhysicalName() *string
	RuleScope() RuleScope
	SetRuleScope(val RuleScope)
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnPrepare()
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Checks whether the active access keys are rotated within the number of days specified in `maxAge`.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/config/latest/developerguide/access-keys-rotated.html

Experimental.

func NewAccessKeysRotated 

func NewAccessKeysRotated(scope constructs.Construct, id *string, props *AccessKeysRotatedProps) AccessKeysRotated

Experimental.

type AccessKeysRotatedProps 

type AccessKeysRotatedProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
	// The maximum number of days within which the access keys must be rotated.
	// Experimental.
	MaxAge awscdk.Duration `json:"maxAge" yaml:"maxAge"`
}

Construction properties for a AccessKeysRotated.

TODO: EXAMPLE

Experimental.

type CfnAggregationAuthorization 

type CfnAggregationAuthorization interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrAggregationAuthorizationArn() *string
	AuthorizedAccountId() *string
	SetAuthorizedAccountId(val *string)
	AuthorizedAwsRegion() *string
	SetAuthorizedAwsRegion(val *string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::AggregationAuthorization`.

An object that represents the authorizations granted to aggregator accounts and regions.

TODO: EXAMPLE

func NewCfnAggregationAuthorization 

func NewCfnAggregationAuthorization(scope awscdk.Construct, id *string, props *CfnAggregationAuthorizationProps) CfnAggregationAuthorization

Create a new `AWS::Config::AggregationAuthorization`.

type CfnAggregationAuthorizationProps 

type CfnAggregationAuthorizationProps struct {
	// The 12-digit account ID of the account authorized to aggregate data.
	AuthorizedAccountId *string `json:"authorizedAccountId" yaml:"authorizedAccountId"`
	// The region authorized to collect aggregated data.
	AuthorizedAwsRegion *string `json:"authorizedAwsRegion" yaml:"authorizedAwsRegion"`
	// An array of tag object.
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnAggregationAuthorization`.

TODO: EXAMPLE

type CfnConfigRule 

type CfnConfigRule interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrArn() *string
	AttrComplianceType() *string
	AttrConfigRuleId() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConfigRuleName() *string
	SetConfigRuleName(val *string)
	CreationStack() *[]*string
	Description() *string
	SetDescription(val *string)
	InputParameters() interface{}
	SetInputParameters(val interface{})
	LogicalId() *string
	MaximumExecutionFrequency() *string
	SetMaximumExecutionFrequency(val *string)
	Node() awscdk.ConstructNode
	Ref() *string
	Scope() interface{}
	SetScope(val interface{})
	Source() interface{}
	SetSource(val interface{})
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::ConfigRule`.

Specifies an AWS Config rule for evaluating whether your AWS resources comply with your desired configurations.

You can use this action for custom AWS Config rules and AWS managed Config rules. A custom AWS Config rule is a rule that you develop and maintain. An AWS managed Config rule is a customizable, predefined rule that AWS Config provides.

If you are adding a new custom AWS Config rule, you must first create the AWS Lambda function that the rule invokes to evaluate your resources. When you use the `PutConfigRule` action to add the rule to AWS Config , you must specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. Specify the ARN for the `SourceIdentifier` key. This key is part of the `Source` object, which is part of the `ConfigRule` object.

If you are adding an AWS managed Config rule, specify the rule's identifier for the `SourceIdentifier` key. To reference AWS managed Config rule identifiers, see [About AWS Managed Config Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .

For any new rule that you add, specify the `ConfigRuleName` in the `ConfigRule` object. Do not specify the `ConfigRuleArn` or the `ConfigRuleId` . These values are generated by AWS Config for new rules.

If you are updating a rule that you added previously, you can specify the rule by `ConfigRuleName` , `ConfigRuleId` , or `ConfigRuleArn` in the `ConfigRule` data type that you use in this request.

The maximum number of rules that AWS Config supports is 150.

For information about requesting a rule limit increase, see [AWS Config Limits](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_config) in the *AWS General Reference Guide* .

For more information about developing and using AWS Config rules, see [Evaluating AWS Resource Configurations with AWS Config](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) in the *AWS Config Developer Guide* .

TODO: EXAMPLE

func NewCfnConfigRule 

func NewCfnConfigRule(scope awscdk.Construct, id *string, props *CfnConfigRuleProps) CfnConfigRule

Create a new `AWS::Config::ConfigRule`.

type CfnConfigRuleProps 

type CfnConfigRuleProps struct {
	// Provides the rule owner ( AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
	Source interface{} `json:"source" yaml:"source"`
	// A name for the AWS Config rule.
	//
	// If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// The description that you provide for the AWS Config rule.
	Description *string `json:"description" yaml:"description"`
	// A string, in JSON format, that is passed to the AWS Config rule Lambda function.
	InputParameters interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency with which AWS Config runs evaluations for a rule.
	//
	// You can specify a value for `MaximumExecutionFrequency` when:
	//
	// - You are using an AWS managed rule that is triggered at a periodic frequency.
	// - Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .
	//
	// > By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.
	MaximumExecutionFrequency *string `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources can trigger an evaluation for the rule.
	//
	// The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.
	//
	// > The scope can be empty.
	Scope interface{} `json:"scope" yaml:"scope"`
}

Properties for defining a `CfnConfigRule`.

TODO: EXAMPLE

type CfnConfigRule_ScopeProperty 

type CfnConfigRule_ScopeProperty struct {
	// The ID of the only AWS resource that you want to trigger an evaluation for the rule.
	//
	// If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .
	ComplianceResourceId *string `json:"complianceResourceId" yaml:"complianceResourceId"`
	// The resource types of only those AWS resources that you want to trigger an evaluation for the rule.
	//
	// You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .
	ComplianceResourceTypes *[]*string `json:"complianceResourceTypes" yaml:"complianceResourceTypes"`
	// The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
	TagKey *string `json:"tagKey" yaml:"tagKey"`
	// The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.
	//
	// If you specify a value for `TagValue` , you must also specify a value for `TagKey` .
	TagValue *string `json:"tagValue" yaml:"tagValue"`
}

Defines which resources trigger an evaluation for an AWS Config rule.

The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain which resources trigger an evaluation for a rule. Otherwise, evaluations for the rule are triggered when any resource in your recording group changes in configuration.

TODO: EXAMPLE

type CfnConfigRule_SourceDetailProperty 

type CfnConfigRule_SourceDetailProperty struct {
	// The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
	EventSource *string `json:"eventSource" yaml:"eventSource"`
	// The type of notification that triggers AWS Config to run an evaluation for a rule.
	//
	// You can specify the following notification types:
	//
	// - `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.
	// - `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.
	// - `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .
	// - `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.
	//
	// If you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .
	MessageType *string `json:"messageType" yaml:"messageType"`
	// The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
	//
	// If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.
	//
	// > By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.
	// >
	// > Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.
	MaximumExecutionFrequency *string `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
}

Provides the source and the message types that trigger AWS Config to evaluate your AWS resources against a rule.

It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic. You can specify the parameter values for `SourceDetail` only for custom rules.

TODO: EXAMPLE

type CfnConfigRule_SourceProperty 

type CfnConfigRule_SourceProperty struct {
	// Indicates whether AWS or the customer owns and manages the AWS Config rule.
	Owner *string `json:"owner" yaml:"owner"`
	// For AWS Config managed rules, a predefined identifier from a list.
	//
	// For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .
	//
	// For custom rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .
	SourceIdentifier *string `json:"sourceIdentifier" yaml:"sourceIdentifier"`
	// Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
	SourceDetails interface{} `json:"sourceDetails" yaml:"sourceDetails"`
}

Provides the AWS Config rule owner ( AWS or customer), the rule identifier, and the events that trigger the evaluation of your AWS resources.

TODO: EXAMPLE

type CfnConfigurationAggregator 

type CfnConfigurationAggregator interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AccountAggregationSources() interface{}
	SetAccountAggregationSources(val interface{})
	AttrConfigurationAggregatorArn() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConfigurationAggregatorName() *string
	SetConfigurationAggregatorName(val *string)
	CreationStack() *[]*string
	LogicalId() *string
	Node() awscdk.ConstructNode
	OrganizationAggregationSource() interface{}
	SetOrganizationAggregationSource(val interface{})
	Ref() *string
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::ConfigurationAggregator`.

The details about the configuration aggregator, including information about source accounts, regions, and metadata of the aggregator.

TODO: EXAMPLE

func NewCfnConfigurationAggregator 

func NewCfnConfigurationAggregator(scope awscdk.Construct, id *string, props *CfnConfigurationAggregatorProps) CfnConfigurationAggregator

Create a new `AWS::Config::ConfigurationAggregator`.

type CfnConfigurationAggregatorProps 

type CfnConfigurationAggregatorProps struct {
	// Provides a list of source accounts and regions to be aggregated.
	AccountAggregationSources interface{} `json:"accountAggregationSources" yaml:"accountAggregationSources"`
	// The name of the aggregator.
	ConfigurationAggregatorName *string `json:"configurationAggregatorName" yaml:"configurationAggregatorName"`
	// Provides an organization and list of regions to be aggregated.
	OrganizationAggregationSource interface{} `json:"organizationAggregationSource" yaml:"organizationAggregationSource"`
	// An array of tag object.
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnConfigurationAggregator`.

TODO: EXAMPLE

type CfnConfigurationAggregator_AccountAggregationSourceProperty 

type CfnConfigurationAggregator_AccountAggregationSourceProperty struct {
	// The 12-digit account ID of the account being aggregated.
	AccountIds *[]*string `json:"accountIds" yaml:"accountIds"`
	// If true, aggregate existing AWS Config regions and future regions.
	AllAwsRegions interface{} `json:"allAwsRegions" yaml:"allAwsRegions"`
	// The source regions being aggregated.
	AwsRegions *[]*string `json:"awsRegions" yaml:"awsRegions"`
}

A collection of accounts and regions.

TODO: EXAMPLE

type CfnConfigurationAggregator_OrganizationAggregationSourceProperty 

type CfnConfigurationAggregator_OrganizationAggregationSourceProperty struct {
	// ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
	// If true, aggregate existing AWS Config regions and future regions.
	AllAwsRegions interface{} `json:"allAwsRegions" yaml:"allAwsRegions"`
	// The source regions being aggregated.
	AwsRegions *[]*string `json:"awsRegions" yaml:"awsRegions"`
}

This object contains regions to set up the aggregator and an IAM role to retrieve organization details.

TODO: EXAMPLE

type CfnConfigurationRecorder 

type CfnConfigurationRecorder interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() awscdk.ConstructNode
	RecordingGroup() interface{}
	SetRecordingGroup(val interface{})
	Ref() *string
	RoleArn() *string
	SetRoleArn(val *string)
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::ConfigurationRecorder`.

The AWS::Config::ConfigurationRecorder resource describes the AWS resource types for which AWS Config records configuration changes. The configuration recorder stores the configurations of the supported resources in your account as configuration items.

> To enable AWS Config , you must create a configuration recorder and a delivery channel. AWS Config uses the delivery channel to deliver the configuration changes to your Amazon S3 bucket or Amazon SNS topic. For more information, see [AWS::Config::DeliveryChannel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-deliverychannel.html) .

AWS CloudFormation starts the recorder as soon as the delivery channel is available.

To stop the recorder and delete it, delete the configuration recorder from your stack. To stop the recorder without deleting it, call the [StopConfigurationRecorder](https://docs.aws.amazon.com/config/latest/APIReference/API_StopConfigurationRecorder.html) action of the AWS Config API directly.

For more information, see [Configuration Recorder](https://docs.aws.amazon.com/config/latest/developerguide/config-concepts.html#config-recorder) in the AWS Config Developer Guide.

TODO: EXAMPLE

func NewCfnConfigurationRecorder 

func NewCfnConfigurationRecorder(scope awscdk.Construct, id *string, props *CfnConfigurationRecorderProps) CfnConfigurationRecorder

Create a new `AWS::Config::ConfigurationRecorder`.

type CfnConfigurationRecorderProps 

type CfnConfigurationRecorderProps struct {
	// The Amazon Resource Name (ARN) of the IAM (IAM) role that is used to make read or write requests to the delivery channel that you specify and to get configuration details for supported AWS resources.
	//
	// For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
	// A name for the configuration recorder.
	//
	// If you don't specify a name, AWS CloudFormation CloudFormation generates a unique physical ID and uses that ID for the configuration recorder name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// > After you create a configuration recorder, you cannot rename it. If you don't want a name that AWS CloudFormation generates, specify a value for this property.
	//
	// Updates are not supported.
	Name *string `json:"name" yaml:"name"`
	// Indicates whether to record configurations for all supported resources or for a list of resource types.
	//
	// The resource types that you list must be supported by AWS Config .
	RecordingGroup interface{} `json:"recordingGroup" yaml:"recordingGroup"`
}

Properties for defining a `CfnConfigurationRecorder`.

TODO: EXAMPLE

type CfnConfigurationRecorder_RecordingGroupProperty 

type CfnConfigurationRecorder_RecordingGroupProperty struct {
	// Specifies whether AWS Config records configuration changes for every supported type of regional resource.
	//
	// If you set this option to `true` , when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
	//
	// If you set this option to `true` , you cannot enumerate a list of `resourceTypes` .
	AllSupported interface{} `json:"allSupported" yaml:"allSupported"`
	// Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
	//
	// Before you can set this option to `true` , you must set the `AllSupported` option to `true` .
	//
	// If you set this option to `true` , when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
	//
	// The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
	IncludeGlobalResourceTypes interface{} `json:"includeGlobalResourceTypes" yaml:"includeGlobalResourceTypes"`
	// A comma-separated list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail` ).
	//
	// To record all configuration changes, you must set the `AllSupported` option to `false` .
	//
	// If you set this option to `true` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group.
	//
	// For a list of valid `resourceTypes` values, see the *resourceType Value* column in [Supported AWS Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) .
	ResourceTypes *[]*string `json:"resourceTypes" yaml:"resourceTypes"`
}

Specifies the types of AWS resource for which AWS Config records configuration changes.

In the recording group, you specify whether all supported types or specific types of resources are recorded.

By default, AWS Config records configuration changes for all supported types of regional resources that AWS Config discovers in the region in which it is running. Regional resources are tied to a region and can be used only in that region. Examples of regional resources are EC2 instances and EBS volumes.

You can also have AWS Config record configuration changes for supported types of global resources (for example, IAM resources). Global resources are not tied to an individual region and can be used in all regions.

> The configuration details for any global resource are the same in all regions. If you customize AWS Config in multiple regions to record global resources, it will create multiple configuration items each time a global resource changes: one configuration item for each region. These configuration items will contain identical data. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources, unless you want the configuration items to be available in multiple regions.

If you don't want AWS Config to record all resources, you can specify which types of resources it will record with the `resourceTypes` parameter.

For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) .

For more information, see [Selecting Which Resources AWS Config Records](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html) .

TODO: EXAMPLE

type CfnConformancePack 

type CfnConformancePack interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConformancePackInputParameters() interface{}
	SetConformancePackInputParameters(val interface{})
	ConformancePackName() *string
	SetConformancePackName(val *string)
	CreationStack() *[]*string
	DeliveryS3Bucket() *string
	SetDeliveryS3Bucket(val *string)
	DeliveryS3KeyPrefix() *string
	SetDeliveryS3KeyPrefix(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	TemplateBody() *string
	SetTemplateBody(val *string)
	TemplateS3Uri() *string
	SetTemplateS3Uri(val *string)
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::ConformancePack`.

A conformance pack is a collection of AWS Config rules and remediation actions that can be easily deployed in an account and a region. ConformancePack creates a service linked role in your account. The service linked role is created only when the role does not exist in your account.

TODO: EXAMPLE

func NewCfnConformancePack 

func NewCfnConformancePack(scope awscdk.Construct, id *string, props *CfnConformancePackProps) CfnConformancePack

Create a new `AWS::Config::ConformancePack`.

type CfnConformancePackProps 

type CfnConformancePackProps struct {
	// Name of the conformance pack you want to create.
	ConformancePackName *string `json:"conformancePackName" yaml:"conformancePackName"`
	// A list of ConformancePackInputParameter objects.
	ConformancePackInputParameters interface{} `json:"conformancePackInputParameters" yaml:"conformancePackInputParameters"`
	// The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.
	DeliveryS3Bucket *string `json:"deliveryS3Bucket" yaml:"deliveryS3Bucket"`
	// The prefix for the Amazon S3 bucket.
	DeliveryS3KeyPrefix *string `json:"deliveryS3KeyPrefix" yaml:"deliveryS3KeyPrefix"`
	// A string containing full conformance pack template body.
	//
	// Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.
	//
	// > You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).
	TemplateBody *string `json:"templateBody" yaml:"templateBody"`
	// Location of file containing the template body (s3://bucketname/prefix).
	//
	// The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.
	//
	// > You must have access to read Amazon S3 bucket.
	TemplateS3Uri *string `json:"templateS3Uri" yaml:"templateS3Uri"`
}

Properties for defining a `CfnConformancePack`.

TODO: EXAMPLE

type CfnConformancePack_ConformancePackInputParameterProperty 

type CfnConformancePack_ConformancePackInputParameterProperty struct {
	// One part of a key-value pair.
	ParameterName *string `json:"parameterName" yaml:"parameterName"`
	// Another part of the key-value pair.
	ParameterValue *string `json:"parameterValue" yaml:"parameterValue"`
}

Input parameters in the form of key-value pairs for the conformance pack, both of which you define.

Keys can have a maximum character length of 255 characters, and values can have a maximum length of 4096 characters.

TODO: EXAMPLE

type CfnDeliveryChannel 

type CfnDeliveryChannel interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConfigSnapshotDeliveryProperties() interface{}
	SetConfigSnapshotDeliveryProperties(val interface{})
	CreationStack() *[]*string
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() awscdk.ConstructNode
	Ref() *string
	S3BucketName() *string
	SetS3BucketName(val *string)
	S3KeyPrefix() *string
	SetS3KeyPrefix(val *string)
	S3KmsKeyArn() *string
	SetS3KmsKeyArn(val *string)
	SnsTopicArn() *string
	SetSnsTopicArn(val *string)
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::DeliveryChannel`.

Specifies a delivery channel object to deliver configuration information to an Amazon S3 bucket and Amazon SNS topic.

Before you can create a delivery channel, you must create a configuration recorder. You can use this action to change the Amazon S3 bucket or an Amazon SNS topic of the existing delivery channel. To change the Amazon S3 bucket or an Amazon SNS topic, call this action and specify the changed values for the S3 bucket and the SNS topic. If you specify a different value for either the S3 bucket or the SNS topic, this action will keep the existing value for the parameter that is not changed.

> In the China (Beijing) Region, when you call this action, the Amazon S3 bucket must also be in the China (Beijing) Region. In all the other regions, AWS Config supports cross-region and cross-account delivery channels.

You can have only one delivery channel per region per AWS account, and the delivery channel is required to use AWS Config .

> AWS Config does not support the delivery channel to an Amazon S3 bucket bucket where object lock is enabled. For more information, see [How S3 Object Lock works](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html) .

When you create the delivery channel, you can specify; how often AWS Config delivers configuration snapshots to your Amazon S3 bucket (for example, 24 hours), the S3 bucket to which AWS Config sends configuration snapshots and configuration history files, and the Amazon SNS topic to which AWS Config sends notifications about configuration changes, such as updated resources, AWS Config rule evaluations, and when AWS Config delivers the configuration snapshot to your S3 bucket. For more information, see [Deliver Configuration Items](https://docs.aws.amazon.com/config/latest/developerguide/how-does-config-work.html#delivery-channel) in the AWS Config Developer Guide.

> To enable AWS Config , you must create a configuration recorder and a delivery channel. If you want to create the resources separately, you must create a configuration recorder before you can create a delivery channel. AWS Config uses the configuration recorder to capture configuration changes to your resources. For more information, see [AWS::Config::ConfigurationRecorder](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configurationrecorder.html) .

For more information, see [Managing the Delivery Channel](https://docs.aws.amazon.com/config/latest/developerguide/manage-delivery-channel.html) in the AWS Config Developer Guide.

TODO: EXAMPLE

func NewCfnDeliveryChannel 

func NewCfnDeliveryChannel(scope awscdk.Construct, id *string, props *CfnDeliveryChannelProps) CfnDeliveryChannel

Create a new `AWS::Config::DeliveryChannel`.

type CfnDeliveryChannelProps 

type CfnDeliveryChannelProps struct {
	// The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
	//
	// If you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the AWS Config Developer Guide.
	S3BucketName *string `json:"s3BucketName" yaml:"s3BucketName"`
	// The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.
	ConfigSnapshotDeliveryProperties interface{} `json:"configSnapshotDeliveryProperties" yaml:"configSnapshotDeliveryProperties"`
	// A name for the delivery channel.
	//
	// If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// Updates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.
	Name *string `json:"name" yaml:"name"`
	// The prefix for the specified Amazon S3 bucket.
	S3KeyPrefix *string `json:"s3KeyPrefix" yaml:"s3KeyPrefix"`
	// The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config .
	//
	// Must belong to the same Region as the destination S3 bucket.
	S3KmsKeyArn *string `json:"s3KmsKeyArn" yaml:"s3KmsKeyArn"`
	// The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
	//
	// If you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the AWS Config Developer Guide.
	SnsTopicArn *string `json:"snsTopicArn" yaml:"snsTopicArn"`
}

Properties for defining a `CfnDeliveryChannel`.

TODO: EXAMPLE

type CfnDeliveryChannel_ConfigSnapshotDeliveryPropertiesProperty 

type CfnDeliveryChannel_ConfigSnapshotDeliveryPropertiesProperty struct {
	// The frequency with which AWS Config delivers configuration snapshots.
	DeliveryFrequency *string `json:"deliveryFrequency" yaml:"deliveryFrequency"`
}

Provides options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket in your delivery channel.

> If you want to create a rule that triggers evaluations for your resources when AWS Config delivers the configuration snapshot, see the following:

The frequency for a rule that triggers evaluations for your resources when AWS Config delivers the configuration snapshot is set by one of two values, depending on which is less frequent:

- The value for the `deliveryFrequency` parameter within the delivery channel configuration, which sets how often AWS Config delivers configuration snapshots. This value also sets how often AWS Config invokes evaluations for AWS Config rules. - The value for the `MaximumExecutionFrequency` parameter, which sets the maximum frequency with which AWS Config invokes evaluations for the rule. For more information, see [ConfigRule](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigRule.html) .

If the `deliveryFrequency` value is less frequent than the `MaximumExecutionFrequency` value for a rule, AWS Config invokes the rule only as often as the `deliveryFrequency` value.

- For example, you want your rule to run evaluations when AWS Config delivers the configuration snapshot. - You specify the `MaximumExecutionFrequency` value for `Six_Hours` . - You then specify the delivery channel `deliveryFrequency` value for `TwentyFour_Hours` . - Because the value for `deliveryFrequency` is less frequent than `MaximumExecutionFrequency` , AWS Config invokes evaluations for the rule every 24 hours.

You should set the `MaximumExecutionFrequency` value to be at least as frequent as the `deliveryFrequency` value. You can view the `deliveryFrequency` value by using the `DescribeDeliveryChannnels` action.

To update the `deliveryFrequency` with which AWS Config delivers your configuration snapshots, use the `PutDeliveryChannel` action.

TODO: EXAMPLE

type CfnOrganizationConfigRule 

type CfnOrganizationConfigRule interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	ExcludedAccounts() *[]*string
	SetExcludedAccounts(val *[]*string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	OrganizationConfigRuleName() *string
	SetOrganizationConfigRuleName(val *string)
	OrganizationCustomCodeRuleMetadata() interface{}
	SetOrganizationCustomCodeRuleMetadata(val interface{})
	OrganizationCustomRuleMetadata() interface{}
	SetOrganizationCustomRuleMetadata(val interface{})
	OrganizationManagedRuleMetadata() interface{}
	SetOrganizationManagedRuleMetadata(val interface{})
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::OrganizationConfigRule`.

An organization config rule that has information about config rules that AWS Config creates in member accounts. Only a master account and a delegated administrator can create or update an organization config rule.

`OrganizationConfigRule` resource enables organization service access through `EnableAWSServiceAccess` action and creates a service linked role in the master account of your organization. The service linked role is created only when the role does not exist in the master account. AWS Config verifies the existence of role with `GetRole` action.

When creating custom organization config rules using a centralized Lambda function, you will need to allow Lambda permissions to sub-accounts and you will need to create an IAM role will to pass to the Lambda function. For more information, see [How to Centrally Manage AWS Config Rules across Multiple AWS Accounts](https://docs.aws.amazon.com/devops/how-to-centrally-manage-aws-config-rules-across-multiple-aws-accounts/) .

TODO: EXAMPLE

func NewCfnOrganizationConfigRule 

func NewCfnOrganizationConfigRule(scope awscdk.Construct, id *string, props *CfnOrganizationConfigRuleProps) CfnOrganizationConfigRule

Create a new `AWS::Config::OrganizationConfigRule`.

type CfnOrganizationConfigRuleProps 

type CfnOrganizationConfigRuleProps struct {
	// The name that you assign to organization config rule.
	OrganizationConfigRuleName *string `json:"organizationConfigRuleName" yaml:"organizationConfigRuleName"`
	// A comma-separated list of accounts excluded from organization config rule.
	ExcludedAccounts *[]*string `json:"excludedAccounts" yaml:"excludedAccounts"`
	// `AWS::Config::OrganizationConfigRule.OrganizationCustomCodeRuleMetadata`.
	OrganizationCustomCodeRuleMetadata interface{} `json:"organizationCustomCodeRuleMetadata" yaml:"organizationCustomCodeRuleMetadata"`
	// An `OrganizationCustomRuleMetadata` object.
	OrganizationCustomRuleMetadata interface{} `json:"organizationCustomRuleMetadata" yaml:"organizationCustomRuleMetadata"`
	// An `OrganizationManagedRuleMetadata` object.
	OrganizationManagedRuleMetadata interface{} `json:"organizationManagedRuleMetadata" yaml:"organizationManagedRuleMetadata"`
}

Properties for defining a `CfnOrganizationConfigRule`.

TODO: EXAMPLE

type CfnOrganizationConfigRule_OrganizationCustomCodeRuleMetadataProperty 

type CfnOrganizationConfigRule_OrganizationCustomCodeRuleMetadataProperty struct {
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.CodeText`.
	CodeText *string `json:"codeText" yaml:"codeText"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.Runtime`.
	Runtime *string `json:"runtime" yaml:"runtime"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.DebugLogDeliveryAccounts`.
	DebugLogDeliveryAccounts *[]*string `json:"debugLogDeliveryAccounts" yaml:"debugLogDeliveryAccounts"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.Description`.
	Description *string `json:"description" yaml:"description"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.InputParameters`.
	InputParameters *string `json:"inputParameters" yaml:"inputParameters"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.MaximumExecutionFrequency`.
	MaximumExecutionFrequency *string `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.OrganizationConfigRuleTriggerTypes`.
	OrganizationConfigRuleTriggerTypes *[]*string `json:"organizationConfigRuleTriggerTypes" yaml:"organizationConfigRuleTriggerTypes"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.ResourceIdScope`.
	ResourceIdScope *string `json:"resourceIdScope" yaml:"resourceIdScope"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.ResourceTypesScope`.
	ResourceTypesScope *[]*string `json:"resourceTypesScope" yaml:"resourceTypesScope"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.TagKeyScope`.
	TagKeyScope *string `json:"tagKeyScope" yaml:"tagKeyScope"`
	// `CfnOrganizationConfigRule.OrganizationCustomCodeRuleMetadataProperty.TagValueScope`.
	TagValueScope *string `json:"tagValueScope" yaml:"tagValueScope"`
}

TODO: EXAMPLE

type CfnOrganizationConfigRule_OrganizationCustomRuleMetadataProperty 

type CfnOrganizationConfigRule_OrganizationCustomRuleMetadataProperty struct {
	// The lambda function ARN.
	LambdaFunctionArn *string `json:"lambdaFunctionArn" yaml:"lambdaFunctionArn"`
	// The type of notification that triggers AWS Config to run an evaluation for a rule.
	//
	// You can specify the following notification types:
	//
	// - `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.
	// - `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.
	// - `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .
	OrganizationConfigRuleTriggerTypes *[]*string `json:"organizationConfigRuleTriggerTypes" yaml:"organizationConfigRuleTriggerTypes"`
	// The description that you provide for organization config rule.
	Description *string `json:"description" yaml:"description"`
	// A string, in JSON format, that is passed to organization config rule Lambda function.
	InputParameters *string `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency with which AWS Config runs evaluations for a rule.
	//
	// Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .
	//
	// > By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.
	MaximumExecutionFrequency *string `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// The ID of the AWS resource that was evaluated.
	ResourceIdScope *string `json:"resourceIdScope" yaml:"resourceIdScope"`
	// The type of the AWS resource that was evaluated.
	ResourceTypesScope *[]*string `json:"resourceTypesScope" yaml:"resourceTypesScope"`
	// One part of a key-value pair that make up a tag.
	//
	// A key is a general label that acts like a category for more specific tag values.
	TagKeyScope *string `json:"tagKeyScope" yaml:"tagKeyScope"`
	// The optional part of a key-value pair that make up a tag.
	//
	// A value acts as a descriptor within a tag category (key).
	TagValueScope *string `json:"tagValueScope" yaml:"tagValueScope"`
}

An object that specifies organization custom rule metadata such as resource type, resource ID of AWS resource, Lambda function ARN, and organization trigger types that trigger AWS Config to evaluate your AWS resources against a rule.

It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.

TODO: EXAMPLE

type CfnOrganizationConfigRule_OrganizationManagedRuleMetadataProperty 

type CfnOrganizationConfigRule_OrganizationManagedRuleMetadataProperty struct {
	// For organization config managed rules, a predefined identifier from a list.
	//
	// For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .
	RuleIdentifier *string `json:"ruleIdentifier" yaml:"ruleIdentifier"`
	// The description that you provide for organization config rule.
	Description *string `json:"description" yaml:"description"`
	// A string, in JSON format, that is passed to organization config rule Lambda function.
	InputParameters *string `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency with which AWS Config runs evaluations for a rule.
	//
	// You are using an AWS Config managed rule that is triggered at a periodic frequency.
	//
	// > By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.
	MaximumExecutionFrequency *string `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// The ID of the AWS resource that was evaluated.
	ResourceIdScope *string `json:"resourceIdScope" yaml:"resourceIdScope"`
	// The type of the AWS resource that was evaluated.
	ResourceTypesScope *[]*string `json:"resourceTypesScope" yaml:"resourceTypesScope"`
	// One part of a key-value pair that make up a tag.
	//
	// A key is a general label that acts like a category for more specific tag values.
	TagKeyScope *string `json:"tagKeyScope" yaml:"tagKeyScope"`
	// The optional part of a key-value pair that make up a tag.
	//
	// A value acts as a descriptor within a tag category (key).
	TagValueScope *string `json:"tagValueScope" yaml:"tagValueScope"`
}

An object that specifies organization managed rule metadata such as resource type and ID of AWS resource along with the rule identifier.

It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.

TODO: EXAMPLE

type CfnOrganizationConformancePack 

type CfnOrganizationConformancePack interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConformancePackInputParameters() interface{}
	SetConformancePackInputParameters(val interface{})
	CreationStack() *[]*string
	DeliveryS3Bucket() *string
	SetDeliveryS3Bucket(val *string)
	DeliveryS3KeyPrefix() *string
	SetDeliveryS3KeyPrefix(val *string)
	ExcludedAccounts() *[]*string
	SetExcludedAccounts(val *[]*string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	OrganizationConformancePackName() *string
	SetOrganizationConformancePackName(val *string)
	Ref() *string
	Stack() awscdk.Stack
	TemplateBody() *string
	SetTemplateBody(val *string)
	TemplateS3Uri() *string
	SetTemplateS3Uri(val *string)
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::OrganizationConformancePack`.

OrganizationConformancePack deploys conformance packs across member accounts in an AWS Organizations . OrganizationConformancePack enables organization service access for `config-multiaccountsetup.amazonaws.com` through the `EnableAWSServiceAccess` action and creates a service linked role in the master account of your organization. The service linked role is created only when the role does not exist in the master account.

TODO: EXAMPLE

func NewCfnOrganizationConformancePack 

func NewCfnOrganizationConformancePack(scope awscdk.Construct, id *string, props *CfnOrganizationConformancePackProps) CfnOrganizationConformancePack

Create a new `AWS::Config::OrganizationConformancePack`.

type CfnOrganizationConformancePackProps 

type CfnOrganizationConformancePackProps struct {
	// The name you assign to an organization conformance pack.
	OrganizationConformancePackName *string `json:"organizationConformancePackName" yaml:"organizationConformancePackName"`
	// A list of `ConformancePackInputParameter` objects.
	ConformancePackInputParameters interface{} `json:"conformancePackInputParameters" yaml:"conformancePackInputParameters"`
	// The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.
	//
	// > This field is optional.
	DeliveryS3Bucket *string `json:"deliveryS3Bucket" yaml:"deliveryS3Bucket"`
	// Any folder structure you want to add to an Amazon S3 bucket.
	//
	// > This field is optional.
	DeliveryS3KeyPrefix *string `json:"deliveryS3KeyPrefix" yaml:"deliveryS3KeyPrefix"`
	// A comma-separated list of accounts excluded from organization conformance pack.
	ExcludedAccounts *[]*string `json:"excludedAccounts" yaml:"excludedAccounts"`
	// A string containing full conformance pack template body.
	//
	// Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.
	TemplateBody *string `json:"templateBody" yaml:"templateBody"`
	// Location of file containing the template body.
	//
	// The uri must point to the conformance pack template (max size: 300 KB).
	TemplateS3Uri *string `json:"templateS3Uri" yaml:"templateS3Uri"`
}

Properties for defining a `CfnOrganizationConformancePack`.

TODO: EXAMPLE

type CfnOrganizationConformancePack_ConformancePackInputParameterProperty 

type CfnOrganizationConformancePack_ConformancePackInputParameterProperty struct {
	// One part of a key-value pair.
	ParameterName *string `json:"parameterName" yaml:"parameterName"`
	// One part of a key-value pair.
	ParameterValue *string `json:"parameterValue" yaml:"parameterValue"`
}

Input parameters in the form of key-value pairs for the conformance pack, both of which you define.

Keys can have a maximum character length of 255 characters, and values can have a maximum length of 4096 characters.

TODO: EXAMPLE

type CfnRemediationConfiguration 

type CfnRemediationConfiguration interface {
	awscdk.CfnResource
	awscdk.IInspectable
	Automatic() interface{}
	SetAutomatic(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ConfigRuleName() *string
	SetConfigRuleName(val *string)
	CreationStack() *[]*string
	ExecutionControls() interface{}
	SetExecutionControls(val interface{})
	LogicalId() *string
	MaximumAutomaticAttempts() *float64
	SetMaximumAutomaticAttempts(val *float64)
	Node() awscdk.ConstructNode
	Parameters() interface{}
	SetParameters(val interface{})
	Ref() *string
	ResourceType() *string
	SetResourceType(val *string)
	RetryAttemptSeconds() *float64
	SetRetryAttemptSeconds(val *float64)
	Stack() awscdk.Stack
	TargetId() *string
	SetTargetId(val *string)
	TargetType() *string
	SetTargetType(val *string)
	TargetVersion() *string
	SetTargetVersion(val *string)
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::RemediationConfiguration`.

An object that represents the details about the remediation configuration that includes the remediation action, parameters, and data to execute the action.

TODO: EXAMPLE

func NewCfnRemediationConfiguration 

func NewCfnRemediationConfiguration(scope awscdk.Construct, id *string, props *CfnRemediationConfigurationProps) CfnRemediationConfiguration

Create a new `AWS::Config::RemediationConfiguration`.

type CfnRemediationConfigurationProps 

type CfnRemediationConfigurationProps struct {
	// The name of the AWS Config rule.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// Target ID is the name of the public document.
	TargetId *string `json:"targetId" yaml:"targetId"`
	// The type of the target.
	//
	// Target executes remediation. For example, SSM document.
	TargetType *string `json:"targetType" yaml:"targetType"`
	// The remediation is triggered automatically.
	Automatic interface{} `json:"automatic" yaml:"automatic"`
	// An ExecutionControls object.
	ExecutionControls interface{} `json:"executionControls" yaml:"executionControls"`
	// The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.
	//
	// For example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.
	MaximumAutomaticAttempts *float64 `json:"maximumAutomaticAttempts" yaml:"maximumAutomaticAttempts"`
	// An object of the RemediationParameterValue.
	//
	// > The type is a map of strings to RemediationParameterValue.
	Parameters interface{} `json:"parameters" yaml:"parameters"`
	// The type of a resource.
	ResourceType *string `json:"resourceType" yaml:"resourceType"`
	// Maximum time in seconds that AWS Config runs auto-remediation.
	//
	// If you do not select a number, the default is 60 seconds.
	//
	// For example, if you specify RetryAttemptSeconds as 50 seconds and MaximumAutomaticAttempts as 5, AWS Config will run auto-remediations 5 times within 50 seconds before throwing an exception.
	RetryAttemptSeconds *float64 `json:"retryAttemptSeconds" yaml:"retryAttemptSeconds"`
	// Version of the target. For example, version of the SSM document.
	//
	// > If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.
	TargetVersion *string `json:"targetVersion" yaml:"targetVersion"`
}

Properties for defining a `CfnRemediationConfiguration`.

TODO: EXAMPLE

type CfnRemediationConfiguration_ExecutionControlsProperty 

type CfnRemediationConfiguration_ExecutionControlsProperty struct {
	// A SsmControls object.
	SsmControls interface{} `json:"ssmControls" yaml:"ssmControls"`
}

An ExecutionControls object.

TODO: EXAMPLE

type CfnRemediationConfiguration_RemediationParameterValueProperty 

type CfnRemediationConfiguration_RemediationParameterValueProperty struct {
	// The value is dynamic and changes at run-time.
	ResourceValue interface{} `json:"resourceValue" yaml:"resourceValue"`
	// The value is static and does not change at run-time.
	StaticValue interface{} `json:"staticValue" yaml:"staticValue"`
}

The value is either a dynamic (resource) value or a static value.

You must select either a dynamic value or a static value.

TODO: EXAMPLE

type CfnRemediationConfiguration_ResourceValueProperty 

type CfnRemediationConfiguration_ResourceValueProperty struct {
	// The value is a resource ID.
	Value *string `json:"value" yaml:"value"`
}

The dynamic value of the resource.

TODO: EXAMPLE

type CfnRemediationConfiguration_SsmControlsProperty 

type CfnRemediationConfiguration_SsmControlsProperty struct {
	// The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule.
	//
	// You can specify a percentage, such as 10%. The default value is 10.
	ConcurrentExecutionRatePercentage *float64 `json:"concurrentExecutionRatePercentage" yaml:"concurrentExecutionRatePercentage"`
	// The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule.
	//
	// You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.
	ErrorPercentage *float64 `json:"errorPercentage" yaml:"errorPercentage"`
}

AWS Systems Manager (SSM) specific remediation controls.

TODO: EXAMPLE

type CfnRemediationConfiguration_StaticValueProperty 

type CfnRemediationConfiguration_StaticValueProperty struct {
	// A list of values.
	//
	// For example, the ARN of the assumed role.
	Values *[]*string `json:"values" yaml:"values"`
}

The static value of the resource.

TODO: EXAMPLE

type CfnStoredQuery 

type CfnStoredQuery interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrQueryArn() *string
	AttrQueryId() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Node() awscdk.ConstructNode
	QueryDescription() *string
	SetQueryDescription(val *string)
	QueryExpression() *string
	SetQueryExpression(val *string)
	QueryName() *string
	SetQueryName(val *string)
	Ref() *string
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Config::StoredQuery`.

Provides the details of a stored query.

TODO: EXAMPLE

func NewCfnStoredQuery 

func NewCfnStoredQuery(scope awscdk.Construct, id *string, props *CfnStoredQueryProps) CfnStoredQuery

Create a new `AWS::Config::StoredQuery`.

type CfnStoredQueryProps 

type CfnStoredQueryProps struct {
	// The expression of the query.
	//
	// For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`
	QueryExpression *string `json:"queryExpression" yaml:"queryExpression"`
	// The name of the query.
	QueryName *string `json:"queryName" yaml:"queryName"`
	// A unique description for the query.
	QueryDescription *string `json:"queryDescription" yaml:"queryDescription"`
	// An array of key-value pairs to apply to this resource.
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnStoredQuery`.

TODO: EXAMPLE

type CloudFormationStackDriftDetectionCheck 

type CloudFormationStackDriftDetectionCheck interface {
	ManagedRule
	ConfigRuleArn() *string
	ConfigRuleComplianceType() *string
	ConfigRuleId() *string
	ConfigRuleName() *string
	Env() *awscdk.ResourceEnvironment
	IsCustomWithChanges() *bool
	SetIsCustomWithChanges(val *bool)
	IsManaged() *bool
	SetIsManaged(val *bool)
	Node() awscdk.ConstructNode
	PhysicalName() *string
	RuleScope() RuleScope
	SetRuleScope(val RuleScope)
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnPrepare()
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Checks whether your CloudFormation stacks' actual configuration differs, or has drifted, from its expected configuration.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/config/latest/developerguide/cloudformation-stack-drift-detection-check.html

Experimental.

func NewCloudFormationStackDriftDetectionCheck 

func NewCloudFormationStackDriftDetectionCheck(scope constructs.Construct, id *string, props *CloudFormationStackDriftDetectionCheckProps) CloudFormationStackDriftDetectionCheck

Experimental.

type CloudFormationStackDriftDetectionCheckProps 

type CloudFormationStackDriftDetectionCheckProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
	// Whether to check only the stack where this rule is deployed.
	// Experimental.
	OwnStackOnly *bool `json:"ownStackOnly" yaml:"ownStackOnly"`
	// The IAM role to use for this rule.
	//
	// It must have permissions to detect drift
	// for AWS CloudFormation stacks. Ensure to attach `config.amazonaws.com` trusted
	// permissions and `ReadOnlyAccess` policy permissions. For specific policy permissions,
	// refer to https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html.
	// Experimental.
	Role awsiam.IRole `json:"role" yaml:"role"`
}

Construction properties for a CloudFormationStackDriftDetectionCheck.

TODO: EXAMPLE

Experimental.

type CloudFormationStackNotificationCheck 

type CloudFormationStackNotificationCheck interface {
	ManagedRule
	ConfigRuleArn() *string
	ConfigRuleComplianceType() *string
	ConfigRuleId() *string
	ConfigRuleName() *string
	Env() *awscdk.ResourceEnvironment
	IsCustomWithChanges() *bool
	SetIsCustomWithChanges(val *bool)
	IsManaged() *bool
	SetIsManaged(val *bool)
	Node() awscdk.ConstructNode
	PhysicalName() *string
	RuleScope() RuleScope
	SetRuleScope(val RuleScope)
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnPrepare()
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Checks whether your CloudFormation stacks are sending event notifications to a SNS topic.

Optionally checks whether specified SNS topics are used.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/config/latest/developerguide/cloudformation-stack-notification-check.html

Experimental.

func NewCloudFormationStackNotificationCheck 

func NewCloudFormationStackNotificationCheck(scope constructs.Construct, id *string, props *CloudFormationStackNotificationCheckProps) CloudFormationStackNotificationCheck

Experimental.

type CloudFormationStackNotificationCheckProps 

type CloudFormationStackNotificationCheckProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
	// A list of allowed topics.
	//
	// At most 5 topics.
	// Experimental.
	Topics *[]awssns.ITopic `json:"topics" yaml:"topics"`
}

Construction properties for a CloudFormationStackNotificationCheck.

TODO: EXAMPLE

Experimental.

type CustomRule 

type CustomRule interface {
	awscdk.Resource
	IRule
	ConfigRuleArn() *string
	ConfigRuleComplianceType() *string
	ConfigRuleId() *string
	ConfigRuleName() *string
	Env() *awscdk.ResourceEnvironment
	IsCustomWithChanges() *bool
	SetIsCustomWithChanges(val *bool)
	IsManaged() *bool
	SetIsManaged(val *bool)
	Node() awscdk.ConstructNode
	PhysicalName() *string
	RuleScope() RuleScope
	SetRuleScope(val RuleScope)
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnPrepare()
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

A new custom rule.

TODO: EXAMPLE

Experimental.

func NewCustomRule 

func NewCustomRule(scope constructs.Construct, id *string, props *CustomRuleProps) CustomRule

Experimental.

type CustomRuleProps 

type CustomRuleProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
	// The Lambda function to run.
	// Experimental.
	LambdaFunction awslambda.IFunction `json:"lambdaFunction" yaml:"lambdaFunction"`
	// Whether to run the rule on configuration changes.
	// Experimental.
	ConfigurationChanges *bool `json:"configurationChanges" yaml:"configurationChanges"`
	// Whether to run the rule on a fixed frequency.
	// Experimental.
	Periodic *bool `json:"periodic" yaml:"periodic"`
}

Construction properties for a CustomRule.

TODO: EXAMPLE

Experimental.

type IRule 

type IRule interface {
	awscdk.IResource
	// Defines a EventBridge event rule which triggers for rule compliance events.
	// Experimental.
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Defines an EventBridge event rule which triggers for rule events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	// Experimental.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Defines a EventBridge event rule which triggers for rule re-evaluation status events.
	// Experimental.
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// The name of the rule.
	// Experimental.
	ConfigRuleName() *string
}

Interface representing an AWS Config rule. Experimental.

func AccessKeysRotated_FromConfigRuleName 

func AccessKeysRotated_FromConfigRuleName(scope constructs.Construct, id *string, configRuleName *string) IRule

Imports an existing rule. Experimental.

func CloudFormationStackDriftDetectionCheck_FromConfigRuleName 

func CloudFormationStackDriftDetectionCheck_FromConfigRuleName(scope constructs.Construct, id *string, configRuleName *string) IRule

Imports an existing rule. Experimental.

func CloudFormationStackNotificationCheck_FromConfigRuleName 

func CloudFormationStackNotificationCheck_FromConfigRuleName(scope constructs.Construct, id *string, configRuleName *string) IRule

Imports an existing rule. Experimental.

func CustomRule_FromConfigRuleName 

func CustomRule_FromConfigRuleName(scope constructs.Construct, id *string, configRuleName *string) IRule

Imports an existing rule. Experimental.

func ManagedRule_FromConfigRuleName 

func ManagedRule_FromConfigRuleName(scope constructs.Construct, id *string, configRuleName *string) IRule

Imports an existing rule. Experimental.

type ManagedRule 

type ManagedRule interface {
	awscdk.Resource
	IRule
	ConfigRuleArn() *string
	ConfigRuleComplianceType() *string
	ConfigRuleId() *string
	ConfigRuleName() *string
	Env() *awscdk.ResourceEnvironment
	IsCustomWithChanges() *bool
	SetIsCustomWithChanges(val *bool)
	IsManaged() *bool
	SetIsManaged(val *bool)
	Node() awscdk.ConstructNode
	PhysicalName() *string
	RuleScope() RuleScope
	SetRuleScope(val RuleScope)
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnComplianceChange(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnPrepare()
	OnReEvaluationStatus(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

A new managed rule.

TODO: EXAMPLE

Experimental.

func NewManagedRule 

func NewManagedRule(scope constructs.Construct, id *string, props *ManagedRuleProps) ManagedRule

Experimental.

type ManagedRuleIdentifiers 

type ManagedRuleIdentifiers interface {
}

Managed rules that are supported by AWS Config.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html

Experimental.

type ManagedRuleProps 

type ManagedRuleProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
	// The identifier of the AWS managed rule.
	// See: https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html
	//
	// Experimental.
	Identifier *string `json:"identifier" yaml:"identifier"`
}

Construction properties for a ManagedRule.

TODO: EXAMPLE

Experimental.

type MaximumExecutionFrequency 

type MaximumExecutionFrequency string

The maximum frequency at which the AWS Config rule runs evaluations.

TODO: EXAMPLE

Experimental. 

const (
	MaximumExecutionFrequency_ONE_HOUR          MaximumExecutionFrequency = "ONE_HOUR"
	MaximumExecutionFrequency_THREE_HOURS       MaximumExecutionFrequency = "THREE_HOURS"
	MaximumExecutionFrequency_SIX_HOURS         MaximumExecutionFrequency = "SIX_HOURS"
	MaximumExecutionFrequency_TWELVE_HOURS      MaximumExecutionFrequency = "TWELVE_HOURS"
	MaximumExecutionFrequency_TWENTY_FOUR_HOURS MaximumExecutionFrequency = "TWENTY_FOUR_HOURS"
)

type ResourceType 

type ResourceType interface {
	ComplianceResourceType() *string
}

Resources types that are supported by AWS Config.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html

Experimental.

func ResourceType_ACM_CERTIFICATE 

func ResourceType_ACM_CERTIFICATE() ResourceType

func ResourceType_APIGATEWAYV2_API 

func ResourceType_APIGATEWAYV2_API() ResourceType

func ResourceType_APIGATEWAYV2_STAGE 

func ResourceType_APIGATEWAYV2_STAGE() ResourceType

func ResourceType_APIGATEWAY_REST_API 

func ResourceType_APIGATEWAY_REST_API() ResourceType

func ResourceType_APIGATEWAY_STAGE 

func ResourceType_APIGATEWAY_STAGE() ResourceType

func ResourceType_AUTO_SCALING_GROUP 

func ResourceType_AUTO_SCALING_GROUP() ResourceType

func ResourceType_AUTO_SCALING_LAUNCH_CONFIGURATION 

func ResourceType_AUTO_SCALING_LAUNCH_CONFIGURATION() ResourceType

func ResourceType_AUTO_SCALING_POLICY 

func ResourceType_AUTO_SCALING_POLICY() ResourceType

func ResourceType_AUTO_SCALING_SCHEDULED_ACTION 

func ResourceType_AUTO_SCALING_SCHEDULED_ACTION() ResourceType

func ResourceType_CLOUDFORMATION_STACK 

func ResourceType_CLOUDFORMATION_STACK() ResourceType

func ResourceType_CLOUDFRONT_DISTRIBUTION 

func ResourceType_CLOUDFRONT_DISTRIBUTION() ResourceType

func ResourceType_CLOUDFRONT_STREAMING_DISTRIBUTION 

func ResourceType_CLOUDFRONT_STREAMING_DISTRIBUTION() ResourceType

func ResourceType_CLOUDTRAIL_TRAIL 

func ResourceType_CLOUDTRAIL_TRAIL() ResourceType

func ResourceType_CLOUDWATCH_ALARM 

func ResourceType_CLOUDWATCH_ALARM() ResourceType

func ResourceType_CODEBUILD_PROJECT 

func ResourceType_CODEBUILD_PROJECT() ResourceType

func ResourceType_CODEPIPELINE_PIPELINE 

func ResourceType_CODEPIPELINE_PIPELINE() ResourceType

func ResourceType_DYNAMODB_TABLE 

func ResourceType_DYNAMODB_TABLE() ResourceType

func ResourceType_EBS_VOLUME 

func ResourceType_EBS_VOLUME() ResourceType

func ResourceType_EC2_CUSTOMER_GATEWAY 

func ResourceType_EC2_CUSTOMER_GATEWAY() ResourceType

func ResourceType_EC2_EGRESS_ONLY_INTERNET_GATEWAY 

func ResourceType_EC2_EGRESS_ONLY_INTERNET_GATEWAY() ResourceType

func ResourceType_EC2_EIP 

func ResourceType_EC2_EIP() ResourceType

func ResourceType_EC2_FLOW_LOG 

func ResourceType_EC2_FLOW_LOG() ResourceType

func ResourceType_EC2_HOST 

func ResourceType_EC2_HOST() ResourceType

func ResourceType_EC2_INSTANCE 

func ResourceType_EC2_INSTANCE() ResourceType

func ResourceType_EC2_INTERNET_GATEWAY 

func ResourceType_EC2_INTERNET_GATEWAY() ResourceType

func ResourceType_EC2_NAT_GATEWAY 

func ResourceType_EC2_NAT_GATEWAY() ResourceType

func ResourceType_EC2_NETWORK_ACL 

func ResourceType_EC2_NETWORK_ACL() ResourceType

func ResourceType_EC2_ROUTE_TABLE 

func ResourceType_EC2_ROUTE_TABLE() ResourceType

func ResourceType_EC2_SECURITY_GROUP 

func ResourceType_EC2_SECURITY_GROUP() ResourceType

func ResourceType_EC2_SUBNET 

func ResourceType_EC2_SUBNET() ResourceType

func ResourceType_EC2_VPC 

func ResourceType_EC2_VPC() ResourceType

func ResourceType_EC2_VPC_ENDPOINT 

func ResourceType_EC2_VPC_ENDPOINT() ResourceType

func ResourceType_EC2_VPC_ENDPOINT_SERVICE 

func ResourceType_EC2_VPC_ENDPOINT_SERVICE() ResourceType

func ResourceType_EC2_VPC_PEERING_CONNECTION 

func ResourceType_EC2_VPC_PEERING_CONNECTION() ResourceType

func ResourceType_EC2_VPN_CONNECTION 

func ResourceType_EC2_VPN_CONNECTION() ResourceType

func ResourceType_EC2_VPN_GATEWAY 

func ResourceType_EC2_VPN_GATEWAY() ResourceType

func ResourceType_ELASTICSEARCH_DOMAIN 

func ResourceType_ELASTICSEARCH_DOMAIN() ResourceType

func ResourceType_ELASTIC_BEANSTALK_APPLICATION 

func ResourceType_ELASTIC_BEANSTALK_APPLICATION() ResourceType

func ResourceType_ELASTIC_BEANSTALK_APPLICATION_VERSION 

func ResourceType_ELASTIC_BEANSTALK_APPLICATION_VERSION() ResourceType

func ResourceType_ELASTIC_BEANSTALK_ENVIRONMENT 

func ResourceType_ELASTIC_BEANSTALK_ENVIRONMENT() ResourceType

func ResourceType_ELBV2_LOAD_BALANCER 

func ResourceType_ELBV2_LOAD_BALANCER() ResourceType

func ResourceType_ELB_LOAD_BALANCER 

func ResourceType_ELB_LOAD_BALANCER() ResourceType

func ResourceType_IAM_GROUP 

func ResourceType_IAM_GROUP() ResourceType

func ResourceType_IAM_POLICY 

func ResourceType_IAM_POLICY() ResourceType

func ResourceType_IAM_ROLE 

func ResourceType_IAM_ROLE() ResourceType

func ResourceType_IAM_USER 

func ResourceType_IAM_USER() ResourceType

func ResourceType_KMS_KEY 

func ResourceType_KMS_KEY() ResourceType

func ResourceType_LAMBDA_FUNCTION 

func ResourceType_LAMBDA_FUNCTION() ResourceType

func ResourceType_Of 

func ResourceType_Of(type_ *string) ResourceType

A custom resource type to support future cases. Experimental.

func ResourceType_QLDB_LEDGER 

func ResourceType_QLDB_LEDGER() ResourceType

func ResourceType_RDS_DB_CLUSTER 

func ResourceType_RDS_DB_CLUSTER() ResourceType

func ResourceType_RDS_DB_CLUSTER_SNAPSHOT 

func ResourceType_RDS_DB_CLUSTER_SNAPSHOT() ResourceType

func ResourceType_RDS_DB_INSTANCE 

func ResourceType_RDS_DB_INSTANCE() ResourceType

func ResourceType_RDS_DB_SECURITY_GROUP 

func ResourceType_RDS_DB_SECURITY_GROUP() ResourceType

func ResourceType_RDS_DB_SNAPSHOT 

func ResourceType_RDS_DB_SNAPSHOT() ResourceType

func ResourceType_RDS_DB_SUBNET_GROUP 

func ResourceType_RDS_DB_SUBNET_GROUP() ResourceType

func ResourceType_RDS_EVENT_SUBSCRIPTION 

func ResourceType_RDS_EVENT_SUBSCRIPTION() ResourceType

func ResourceType_REDSHIFT_CLUSTER 

func ResourceType_REDSHIFT_CLUSTER() ResourceType

func ResourceType_REDSHIFT_CLUSTER_PARAMETER_GROUP 

func ResourceType_REDSHIFT_CLUSTER_PARAMETER_GROUP() ResourceType

func ResourceType_REDSHIFT_CLUSTER_SECURITY_GROUP 

func ResourceType_REDSHIFT_CLUSTER_SECURITY_GROUP() ResourceType

func ResourceType_REDSHIFT_CLUSTER_SNAPSHOT 

func ResourceType_REDSHIFT_CLUSTER_SNAPSHOT() ResourceType

func ResourceType_REDSHIFT_CLUSTER_SUBNET_GROUP 

func ResourceType_REDSHIFT_CLUSTER_SUBNET_GROUP() ResourceType

func ResourceType_REDSHIFT_EVENT_SUBSCRIPTION 

func ResourceType_REDSHIFT_EVENT_SUBSCRIPTION() ResourceType

func ResourceType_S3_ACCOUNT_PUBLIC_ACCESS_BLOCK 

func ResourceType_S3_ACCOUNT_PUBLIC_ACCESS_BLOCK() ResourceType

func ResourceType_S3_BUCKET 

func ResourceType_S3_BUCKET() ResourceType

func ResourceType_SECRETS_MANAGER_SECRET 

func ResourceType_SECRETS_MANAGER_SECRET() ResourceType

func ResourceType_SERVICE_CATALOG_CLOUDFORMATION_PRODUCT 

func ResourceType_SERVICE_CATALOG_CLOUDFORMATION_PRODUCT() ResourceType

func ResourceType_SERVICE_CATALOG_CLOUDFORMATION_PROVISIONED_PRODUCT 

func ResourceType_SERVICE_CATALOG_CLOUDFORMATION_PROVISIONED_PRODUCT() ResourceType

func ResourceType_SERVICE_CATALOG_PORTFOLIO 

func ResourceType_SERVICE_CATALOG_PORTFOLIO() ResourceType

func ResourceType_SHIELD_PROTECTION 

func ResourceType_SHIELD_PROTECTION() ResourceType

func ResourceType_SHIELD_REGIONAL_PROTECTION 

func ResourceType_SHIELD_REGIONAL_PROTECTION() ResourceType

func ResourceType_SNS_TOPIC 

func ResourceType_SNS_TOPIC() ResourceType

func ResourceType_SQS_QUEUE 

func ResourceType_SQS_QUEUE() ResourceType

func ResourceType_SYSTEMS_MANAGER_ASSOCIATION_COMPLIANCE 

func ResourceType_SYSTEMS_MANAGER_ASSOCIATION_COMPLIANCE() ResourceType

func ResourceType_SYSTEMS_MANAGER_FILE_DATA 

func ResourceType_SYSTEMS_MANAGER_FILE_DATA() ResourceType

func ResourceType_SYSTEMS_MANAGER_MANAGED_INSTANCE_INVENTORY 

func ResourceType_SYSTEMS_MANAGER_MANAGED_INSTANCE_INVENTORY() ResourceType

func ResourceType_SYSTEMS_MANAGER_PATCH_COMPLIANCE 

func ResourceType_SYSTEMS_MANAGER_PATCH_COMPLIANCE() ResourceType

func ResourceType_WAFV2_MANAGED_RULE_SET 

func ResourceType_WAFV2_MANAGED_RULE_SET() ResourceType

func ResourceType_WAFV2_RULE_GROUP 

func ResourceType_WAFV2_RULE_GROUP() ResourceType

func ResourceType_WAFV2_WEB_ACL 

func ResourceType_WAFV2_WEB_ACL() ResourceType

func ResourceType_WAF_RATE_BASED_RULE 

func ResourceType_WAF_RATE_BASED_RULE() ResourceType

func ResourceType_WAF_REGIONAL_RATE_BASED_RULE 

func ResourceType_WAF_REGIONAL_RATE_BASED_RULE() ResourceType

func ResourceType_WAF_REGIONAL_RULE 

func ResourceType_WAF_REGIONAL_RULE() ResourceType

func ResourceType_WAF_REGIONAL_RULE_GROUP 

func ResourceType_WAF_REGIONAL_RULE_GROUP() ResourceType

func ResourceType_WAF_REGIONAL_WEB_ACL 

func ResourceType_WAF_REGIONAL_WEB_ACL() ResourceType

func ResourceType_WAF_RULE 

func ResourceType_WAF_RULE() ResourceType

func ResourceType_WAF_RULE_GROUP 

func ResourceType_WAF_RULE_GROUP() ResourceType

func ResourceType_WAF_WEB_ACL 

func ResourceType_WAF_WEB_ACL() ResourceType

func ResourceType_XRAY_ENCRYPTION_CONFIGURATION 

func ResourceType_XRAY_ENCRYPTION_CONFIGURATION() ResourceType

type RuleProps 

type RuleProps struct {
	// A name for the AWS Config rule.
	// Experimental.
	ConfigRuleName *string `json:"configRuleName" yaml:"configRuleName"`
	// A description about this AWS Config rule.
	// Experimental.
	Description *string `json:"description" yaml:"description"`
	// Input parameter values that are passed to the AWS Config rule.
	// Experimental.
	InputParameters *map[string]interface{} `json:"inputParameters" yaml:"inputParameters"`
	// The maximum frequency at which the AWS Config rule runs evaluations.
	// Experimental.
	MaximumExecutionFrequency MaximumExecutionFrequency `json:"maximumExecutionFrequency" yaml:"maximumExecutionFrequency"`
	// Defines which resources trigger an evaluation for an AWS Config rule.
	// Experimental.
	RuleScope RuleScope `json:"ruleScope" yaml:"ruleScope"`
}

Construction properties for a new rule.

TODO: EXAMPLE

Experimental.

type RuleScope 

type RuleScope interface {
	Key() *string
	ResourceId() *string
	ResourceTypes() *[]ResourceType
	Value() *string
}

Determines which resources trigger an evaluation of an AWS Config rule.

TODO: EXAMPLE

Experimental.

func RuleScope_FromResource 

func RuleScope_FromResource(resourceType ResourceType, resourceId *string) RuleScope

restricts scope of changes to a specific resource type or resource identifier. Experimental.

func RuleScope_FromResources 

func RuleScope_FromResources(resourceTypes *[]ResourceType) RuleScope

restricts scope of changes to specific resource types. Experimental.

func RuleScope_FromTag 

func RuleScope_FromTag(key *string, value *string) RuleScope

restricts scope of changes to a specific tag. Experimental.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.