-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add config.CustomPolicy function to AWS Config #21441
Labels
@aws-cdk/aws-config
Related to AWS Config
effort/medium
Medium work item – several days of effort
feature-request
A feature should be added or improved.
p2
Comments
watany-dev
added
feature-request
A feature should be added or improved.
needs-triage
This issue or PR still needs to be triaged.
labels
Aug 3, 2022
watany-dev
added a commit
to watany-dev/aws-cdk
that referenced
this issue
Aug 28, 2022
watany-dev
added a commit
to watany-dev/aws-cdk
that referenced
this issue
Aug 28, 2022
4 tasks
rix0rrr
added
effort/medium
Medium work item – several days of effort
p2
and removed
needs-triage
This issue or PR still needs to be triaged.
labels
Sep 2, 2022
watany-dev
added a commit
to watany-dev/aws-cdk
that referenced
this issue
Sep 10, 2022
watany-dev
added a commit
to watany-dev/aws-cdk
that referenced
this issue
Sep 12, 2022
watany-dev
added a commit
to watany-dev/aws-cdk
that referenced
this issue
Sep 12, 2022
mergify bot
pushed a commit
that referenced
this issue
Oct 14, 2022
feat(config) #21441 I have created a `new config.CustomPolicy` so that this functionality is available in L2 Constructs. The resources that can currently be created with `AWS::Config::ConfigRule` can be created with `config.CustomRule` and `config.ManagedRule` in the CDK. This is because the restrictions on the various properties are different. CustomPolicy has different constraints compared to CustomRule as follows. - There is a restriction on the format that can be selected in `SourceDetails`. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source.html) - Properties that refer to Lambda are unnecessary. - `CustomPolicyDetails` must be specified. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source-sourcedetails.html) To avoid this limitation and complexity, `CustomPolicy` can be separated, making it more convenient for users. It also reduces the dependence on each rule type for updates during maintenance. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [x] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
mrgrain
pushed a commit
to mrgrain/aws-cdk
that referenced
this issue
Oct 24, 2022
feat(config) aws#21441 I have created a `new config.CustomPolicy` so that this functionality is available in L2 Constructs. The resources that can currently be created with `AWS::Config::ConfigRule` can be created with `config.CustomRule` and `config.ManagedRule` in the CDK. This is because the restrictions on the various properties are different. CustomPolicy has different constraints compared to CustomRule as follows. - There is a restriction on the format that can be selected in `SourceDetails`. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source.html) - Properties that refer to Lambda are unnecessary. - `CustomPolicyDetails` must be specified. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source-sourcedetails.html) To avoid this limitation and complexity, `CustomPolicy` can be separated, making it more convenient for users. It also reduces the dependence on each rule type for updates during maintenance. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [x] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
merged |
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
@aws-cdk/aws-config
Related to AWS Config
effort/medium
Medium work item – several days of effort
feature-request
A feature should be added or improved.
p2
Describe the feature
https://aws.amazon.com/jp/about-aws/whats-new/2022/08/build-aws-config-rules-cloudformation-guard/
This update seems to make it simple to write AWS config rules. This is great and I hope it will be supported by L2 constructs. (I will also help in discussing the spec, implementation, etc...)
Use Case
This would be great if it could be expressed as ″new config.CustomRule″, or new config.CustomPolicy″.
*We could combine them into the former, but I think it is preferable to separate them like ManagedRule and CustomRule in AWS::Config::ConfigRule. Because the restrictions on the various properties are different.
Proposed Solution
No response
Other Information
No response
Acknowledgements
CDK version used
v2.35.0
Environment details (OS name and version, etc.)
any
The text was updated successfully, but these errors were encountered: