404

[ Avaa Bypassed ]




Upload:

Command:

botdev@18.217.203.133: ~ $
**To add an AWS managed Config rule**

The following command provides JSON code to add an AWS managed Config rule::

    aws configservice put-config-rule --config-rule file://RequiredTagsForEC2Instances.json

``RequiredTagsForEC2Instances.json`` is a JSON file that contains the rule configuration::

    {
      "ConfigRuleName": "RequiredTagsForEC2Instances",
      "Description": "Checks whether the CostCenter and Owner tags are applied to EC2 instances.",
      "Scope": {
        "ComplianceResourceTypes": [
          "AWS::EC2::Instance"
        ]
      },
      "Source": {
        "Owner": "AWS",
        "SourceIdentifier": "REQUIRED_TAGS"
      },
      "InputParameters": "{\"tag1Key\":\"CostCenter\",\"tag2Key\":\"Owner\"}"
    }

For the ``ComplianceResourceTypes`` attribute, this JSON code limits the scope to resources of the ``AWS::EC2::Instance`` type, so AWS Config will evaluate only EC2 instances against the rule. Because the rule is a managed rule, the ``Owner`` attribute is set to ``AWS``, and the ``SourceIdentifier`` attribute is set to the rule identifier, ``REQUIRED_TAGS``. For the ``InputParameters`` attribute, the tag keys that the rule requires, ``CostCenter`` and ``Owner``, are specified.

If the command succeeds, AWS Config returns no output. To verify the rule configuration, run the `describe-config-rules`__ command, and specify the rule name.

.. __: http://docs.aws.amazon.com/cli/latest/reference/configservice/describe-config-rules.html

**To add a customer managed Config rule**

The following command provides JSON code to add a customer managed Config rule::

    aws configservice put-config-rule --config-rule file://InstanceTypesAreT2micro.json

``InstanceTypesAreT2micro.json`` is a JSON file that contains the rule configuration::

    {
      "ConfigRuleName": "InstanceTypesAreT2micro",
      "Description": "Evaluates whether EC2 instances are the t2.micro type.",
      "Scope": {
        "ComplianceResourceTypes": [
          "AWS::EC2::Instance"
        ]
      },
      "Source": {
        "Owner": "CUSTOM_LAMBDA",
        "SourceIdentifier": "arn:aws:lambda:us-east-1:123456789012:function:InstanceTypeCheck",
        "SourceDetails": [
          {
            "EventSource": "aws.config",
            "MessageType": "ConfigurationItemChangeNotification"
          }
        ]
      },
      "InputParameters": "{\"desiredInstanceType\":\"t2.micro\"}"
    }

For the ``ComplianceResourceTypes`` attribute, this JSON code limits the scope to resources of the ``AWS::EC2::Instance`` type, so AWS Config will evaluate only EC2 instances against the rule. Because this rule is a customer managed rule, the ``Owner`` attribute is set to ``CUSTOM_LAMBDA``, and the ``SourceIdentifier`` attribute is set to the ARN of the AWS Lambda function. The ``SourceDetails`` object is required. The parameters that are specified for the ``InputParameters`` attribute are passed to the AWS Lambda function when AWS Config invokes it to evaluate resources against the rule.

If the command succeeds, AWS Config returns no output. To verify the rule configuration, run the `describe-config-rules`__ command, and specify the rule name.

.. __: http://docs.aws.amazon.com/cli/latest/reference/configservice/describe-config-rules.html


Filemanager

Name Type Size Permission Actions
delete-config-rule.rst File 181 B 0644
delete-delivery-channel.rst File 173 B 0644
delete-evaluation-results.rst File 256 B 0755
deliver-config-snapshot.rst File 336 B 0644
describe-compliance-by-config-rule.rst File 1.28 KB 0644
describe-compliance-by-resource.rst File 1.35 KB 0644
describe-config-rule-evaluation-status.rst File 677 B 0644
describe-config-rules.rst File 1.33 KB 0644
describe-configuration-recorder-status.rst File 570 B 0644
describe-configuration-recorders.rst File 605 B 0644
describe-delivery-channel-status.rst File 925 B 0644
describe-delivery-channels.rst File 432 B 0644
get-compliance-details-by-config-rule.rst File 2.07 KB 0644
get-compliance-details-by-resource.rst File 1.5 KB 0644
get-compliance-summary-by-config-rule.rst File 722 B 0644
get-compliance-summary-by-resource-type.rst File 1.87 KB 0644
get-resource-config-history.rst File 278 B 0644
get-status.rst File 435 B 0644
list-discovered-resources.rst File 659 B 0644
put-config-rule.rst File 3.2 KB 0644
put-configuration-recorder.rst File 1.68 KB 0644
put-delivery-channel.rst File 2.27 KB 0644
start-config-rules-evaluation.rst File 248 B 0755
start-configuration-recorder.rst File 426 B 0644
stop-configuration-recorder.rst File 426 B 0644
subscribe.rst File 1.15 KB 0644