pub struct PutOrganizationConfigRule { /* private fields */ }Expand description
Fluent builder constructing a request to PutOrganizationConfigRule.
Adds or updates organization Config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see Service Limits in the Config Developer Guide.
Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.
This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action.
To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com.
You can use this action to create both Config custom rules and Config managed rules. If you are adding a new Config custom rule, you must first create Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function. When you use the PutOrganizationConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. If you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key.
Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.
Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.
Implementations
sourceimpl PutOrganizationConfigRule
impl PutOrganizationConfigRule
sourcepub async fn send(
self
) -> Result<PutOrganizationConfigRuleOutput, SdkError<PutOrganizationConfigRuleError>>
pub async fn send(
self
) -> Result<PutOrganizationConfigRuleOutput, SdkError<PutOrganizationConfigRuleError>>
Sends the request and returns the response.
If an error occurs, an SdkError will be returned with additional details that
can be matched against.
By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.
sourcepub fn organization_config_rule_name(self, input: impl Into<String>) -> Self
pub fn organization_config_rule_name(self, input: impl Into<String>) -> Self
The name that you assign to an organization Config rule.
sourcepub fn set_organization_config_rule_name(self, input: Option<String>) -> Self
pub fn set_organization_config_rule_name(self, input: Option<String>) -> Self
The name that you assign to an organization Config rule.
sourcepub fn organization_managed_rule_metadata(
self,
input: OrganizationManagedRuleMetadata
) -> Self
pub fn organization_managed_rule_metadata(
self,
input: OrganizationManagedRuleMetadata
) -> Self
An OrganizationManagedRuleMetadata object.
sourcepub fn set_organization_managed_rule_metadata(
self,
input: Option<OrganizationManagedRuleMetadata>
) -> Self
pub fn set_organization_managed_rule_metadata(
self,
input: Option<OrganizationManagedRuleMetadata>
) -> Self
An OrganizationManagedRuleMetadata object.
sourcepub fn organization_custom_rule_metadata(
self,
input: OrganizationCustomRuleMetadata
) -> Self
pub fn organization_custom_rule_metadata(
self,
input: OrganizationCustomRuleMetadata
) -> Self
An OrganizationCustomRuleMetadata object.
sourcepub fn set_organization_custom_rule_metadata(
self,
input: Option<OrganizationCustomRuleMetadata>
) -> Self
pub fn set_organization_custom_rule_metadata(
self,
input: Option<OrganizationCustomRuleMetadata>
) -> Self
An OrganizationCustomRuleMetadata object.
sourcepub fn excluded_accounts(self, input: impl Into<String>) -> Self
pub fn excluded_accounts(self, input: impl Into<String>) -> Self
Appends an item to ExcludedAccounts.
To override the contents of this collection use set_excluded_accounts.
A comma-separated list of accounts that you want to exclude from an organization Config rule.
sourcepub fn set_excluded_accounts(self, input: Option<Vec<String>>) -> Self
pub fn set_excluded_accounts(self, input: Option<Vec<String>>) -> Self
A comma-separated list of accounts that you want to exclude from an organization Config rule.
sourcepub fn organization_custom_policy_rule_metadata(
self,
input: OrganizationCustomPolicyRuleMetadata
) -> Self
pub fn organization_custom_policy_rule_metadata(
self,
input: OrganizationCustomPolicyRuleMetadata
) -> Self
An object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
sourcepub fn set_organization_custom_policy_rule_metadata(
self,
input: Option<OrganizationCustomPolicyRuleMetadata>
) -> Self
pub fn set_organization_custom_policy_rule_metadata(
self,
input: Option<OrganizationCustomPolicyRuleMetadata>
) -> Self
An object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
Trait Implementations
sourceimpl Clone for PutOrganizationConfigRule
impl Clone for PutOrganizationConfigRule
sourcefn clone(&self) -> PutOrganizationConfigRule
fn clone(&self) -> PutOrganizationConfigRule
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source. Read more
Auto Trait Implementations
impl !RefUnwindSafe for PutOrganizationConfigRule
impl Send for PutOrganizationConfigRule
impl Sync for PutOrganizationConfigRule
impl Unpin for PutOrganizationConfigRule
impl !UnwindSafe for PutOrganizationConfigRule
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber to this type, returning a
WithDispatch wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber to this type, returning a
WithDispatch wrapper. Read more