pub struct PutOrganizationConfigRule<C = DynConnector, M = DefaultMiddleware, R = Standard> { /* private fields */ }Expand description
Fluent builder constructing a request to PutOrganizationConfigRule.
Adds or updates organization config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your desired configurations.
Only a master account and a delegated administrator can create or update an organization config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added.
This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action.
To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com.
You can use this action to create both custom Config rules and Config managed rules. If you are adding a new custom Config rule, you must first create Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function. When you use the PutOrganizationConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. If you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key.
The maximum number of organization config rules that Config supports is 150 and 3 delegated administrator per organization.
Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.
Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.
Implementations
impl<C, M, R> PutOrganizationConfigRule<C, M, R> where
C: SmithyConnector,
M: SmithyMiddleware<C>,
R: NewRequestPolicy,
impl<C, M, R> PutOrganizationConfigRule<C, M, R> where
C: SmithyConnector,
M: SmithyMiddleware<C>,
R: NewRequestPolicy,
pub async fn send(
self
) -> Result<PutOrganizationConfigRuleOutput, SdkError<PutOrganizationConfigRuleError>> where
R::Policy: SmithyRetryPolicy<PutOrganizationConfigRuleInputOperationOutputAlias, PutOrganizationConfigRuleOutput, PutOrganizationConfigRuleError, PutOrganizationConfigRuleInputOperationRetryAlias>,
pub async fn send(
self
) -> Result<PutOrganizationConfigRuleOutput, SdkError<PutOrganizationConfigRuleError>> where
R::Policy: SmithyRetryPolicy<PutOrganizationConfigRuleInputOperationOutputAlias, PutOrganizationConfigRuleOutput, PutOrganizationConfigRuleError, PutOrganizationConfigRuleInputOperationRetryAlias>,
Sends the request and returns the response.
If an error occurs, an SdkError will be returned with additional details that
can be matched against.
By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.
The name that you assign to an organization config rule.
The name that you assign to an organization config rule.
pub fn organization_managed_rule_metadata(
self,
input: OrganizationManagedRuleMetadata
) -> Self
pub fn organization_managed_rule_metadata(
self,
input: OrganizationManagedRuleMetadata
) -> Self
An OrganizationManagedRuleMetadata object.
pub fn set_organization_managed_rule_metadata(
self,
input: Option<OrganizationManagedRuleMetadata>
) -> Self
pub fn set_organization_managed_rule_metadata(
self,
input: Option<OrganizationManagedRuleMetadata>
) -> Self
An OrganizationManagedRuleMetadata object.
pub fn organization_custom_rule_metadata(
self,
input: OrganizationCustomRuleMetadata
) -> Self
pub fn organization_custom_rule_metadata(
self,
input: OrganizationCustomRuleMetadata
) -> Self
An OrganizationCustomRuleMetadata object.
pub fn set_organization_custom_rule_metadata(
self,
input: Option<OrganizationCustomRuleMetadata>
) -> Self
pub fn set_organization_custom_rule_metadata(
self,
input: Option<OrganizationCustomRuleMetadata>
) -> Self
An OrganizationCustomRuleMetadata object.
Appends an item to ExcludedAccounts.
To override the contents of this collection use set_excluded_accounts.
A comma-separated list of accounts that you want to exclude from an organization config rule.
A comma-separated list of accounts that you want to exclude from an organization config rule.
Trait Implementations
Auto Trait Implementations
impl<C = DynConnector, M = DefaultMiddleware, R = Standard> !RefUnwindSafe for PutOrganizationConfigRule<C, M, R>
impl<C, M, R> Send for PutOrganizationConfigRule<C, M, R> where
C: Send + Sync,
M: Send + Sync,
R: Send + Sync,
impl<C, M, R> Sync for PutOrganizationConfigRule<C, M, R> where
C: Send + Sync,
M: Send + Sync,
R: Send + Sync,
impl<C, M, R> Unpin for PutOrganizationConfigRule<C, M, R>
impl<C = DynConnector, M = DefaultMiddleware, R = Standard> !UnwindSafe for PutOrganizationConfigRule<C, M, R>
Blanket Implementations
Mutably borrows from an owned value. Read more
Attaches the provided Subscriber to this type, returning a
WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a
WithDispatch wrapper. Read more