Custom conditional rules let you define compliance audit logic for cloud resources without writing code, using simple attribute-operator-value conditions instead of Function Compute.
What are custom conditional rules?
Custom conditional rules let you audit cloud resources without writing any code. Unlike custom rules that require Function Compute, conditional rules work independently of any programming language — no code upload needed.
To define a rule, specify three elements:
Resource attributes — the resource property to evaluate
Operators — the comparison logic (such as equals, contains, or exists)
Expected values — the value the attribute must match for a resource to be compliant
A built-in debugging feature lets you validate rules before applying them.
Scenarios
Cloud Config provides rule templates for common compliance audits. Use custom conditional rules when the available templates do not cover your requirements or when you need custom audit logic.
Core features
Flexibility: Define your own compliance conditions to handle simple checks or complex multi-condition scenarios.
No coding required: Configure rules through simple attribute-operator-value settings — no programming skills or Function Compute setup needed.
Native integration: Works with compliance packages, account groups, audit results, and non-compliance remediation in Cloud Config.
Broad resource coverage: Cloud Config supports more than 70 cloud products, over 180 resource types, and nearly 3,000 resource properties.