alicloud_config_aggregate_config_rule
更新時間:
Provides a Cloud Config Aggregate Config Rule resource.
For information about Cloud Config Aggregate Config Rule and how to use it, see What is Aggregate Config Rule.
-> NOTE: Available since v1.124.0.
Example Usage
Basic Usage
variable "name" {
default = "tf-example"
}
data "alicloud_resource_manager_accounts" "default" {
status = "CreateSuccess"
}
resource "alicloud_config_aggregator" "default" {
aggregator_accounts {
account_id = data.alicloud_resource_manager_accounts.default.accounts.0.account_id
account_name = data.alicloud_resource_manager_accounts.default.accounts.0.display_name
account_type = "ResourceDirectory"
}
aggregator_name = var.name
description = var.name
aggregator_type = "CUSTOM"
}
resource "alicloud_config_aggregate_config_rule" "default" {
aggregate_config_rule_name = "contains-tag"
aggregator_id = alicloud_config_aggregator.default.id
config_rule_trigger_types = "ConfigurationItemChangeNotification"
source_owner = "ALIYUN"
source_identifier = "contains-tag"
risk_level = 1
resource_types_scope = ["ACS::ECS::Instance"]
input_parameters = {
key = "example"
value = "example"
}
}
Argument Reference
The following arguments are supported:
aggregate_config_rule_name
- (Required, ForceNew) The name of the rule.aggregator_id
- (Required, ForceNew) The Aggregator Id.config_rule_trigger_types
- (Required) The trigger type of the rule. Valid values:ConfigurationItemChangeNotification
: The rule is triggered upon configuration changes.ScheduledNotification
: The rule is triggered as scheduled.description
- (Optional) The description of the rule.exclude_resource_ids_scope
- (Optional) The rule monitors excluded resource IDs, multiple of which are separated by commas, only applies to rules created based on managed rules, , custom rule this field is empty.input_parameters
- (Optional) The settings map of the input parameters for the rule.source_identifier
- (Required, ForceNew) The identifier of the rule. For a managed rule, the value is the identifier of the managed rule. For a custom rule, the value is the ARN of the custom rule. Using managed rules, refer to List of Managed rules.source_owner
- (Required, ForceNew) Specifies whether you or Alibaba Cloud owns and manages the rule. Valid values:CUSTOM_FC
: The rule is a custom rule and you own the rule.ALIYUN
: The rule is a managed rule and Alibaba Cloud owns the rule.maximum_execution_frequency
- (Optional) The frequency of the compliance evaluations. Valid values:One_Hour
,Three_Hours
,Six_Hours
,Twelve_Hours
,TwentyFour_Hours
. System default value isTwentyFour_Hours
and valid when theconfig_rule_trigger_types
isScheduledNotification
.region_ids_scope
- (Optional) The rule monitors region IDs, separated by commas, only applies to rules created based on managed rules.resource_group_ids_scope
- (Optional) The rule monitors resource group IDs, separated by commas, only applies to rules created based on managed rules.resource_types_scope
- (Required) Resource types to be evaluated. Alibaba Cloud services that support Cloud Config.risk_level
- (Required) The risk level of the resources that are not compliant with the rule. Valid values:1
: critical2
: warning3
: info.tag_key_scope
- (Optional) The rule monitors the tag key, only applies to rules created based on managed rules.tag_value_scope
- (Optional) The rule monitors the tag value, use with thetag_key_scope
options. only applies to rules created based on managed rules.status
- (Optional, Available since v1.145.0) The rule status. The valid values:ACTIVE
,INACTIVE
.
Attributes Reference
The following attributes are exported:
id
- The resource ID of Aggregate Config Rule. The value is formatted<aggregator_id>:<config_rule_id>
.config_rule_id
- (Available since v1.141.0) The rule ID of Aggregate Config Rule.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 10 mins) Used when create the Aggregate Config Rule.update
- (Defaults to 10 mins) Used when update the Aggregate Config Rule.
Import
Cloud Config Aggregate Config Rule can be imported using the id, e.g.
$ terraform import alicloud_config_aggregate_config_rule.example "<aggregator_id>:<config_rule_id>"
文檔內(nèi)容是否對您有幫助?