alicloud_config_aggregate_compliance_pack
更新时间:
Provides a Cloud Config Aggregate Compliance Pack resource.
For information about Cloud Config Aggregate Compliance Pack and how to use it, see What is Aggregate Compliance Pack.
-> NOTE: Available since v1.124.0.
Example Usage
Basic Usage
variable "name" {
default = "terraform_example"
}
data "alicloud_resource_manager_accounts" "default" {
status = "CreateSuccess"
}
locals {
last = length(data.alicloud_resource_manager_accounts.default.accounts) - 1
}
resource "alicloud_config_aggregator" "default" {
aggregator_accounts {
account_id = data.alicloud_resource_manager_accounts.default.accounts[local.last].account_id
account_name = data.alicloud_resource_manager_accounts.default.accounts[local.last].display_name
account_type = "ResourceDirectory"
}
aggregator_name = var.name
description = var.name
aggregator_type = "CUSTOM"
}
resource "alicloud_config_aggregate_config_rule" "default" {
aggregate_config_rule_name = "contains-tag"
aggregator_id = alicloud_config_aggregator.default.id
config_rule_trigger_types = "ConfigurationItemChangeNotification"
source_owner = "ALIYUN"
source_identifier = "contains-tag"
description = var.name
risk_level = 1
resource_types_scope = ["ACS::ECS::Instance"]
input_parameters = {
key = "example"
value = "example"
}
}
resource "alicloud_config_aggregate_compliance_pack" "default" {
aggregate_compliance_pack_name = var.name
aggregator_id = alicloud_config_aggregator.default.id
description = var.name
risk_level = 1
config_rule_ids {
config_rule_id = alicloud_config_aggregate_config_rule.default.config_rule_id
}
}
Argument Reference
The following arguments are supported:
aggregator_id- (Required, ForceNew) The ID of aggregator.aggregate_compliance_pack_name- (Required) The name of compliance package name. NOTE: From version 1.145.0,aggregate_compliance_pack_namecan be modified.description- (Required) The description of compliance package.risk_level- (Required, Int) The Risk Level. Valid values:1: critical.2: warning.3: info.
compliance_pack_template_id- (Optional, ForceNew, Available since v1.141.0) The Template ID of compliance package.config_rule_ids- (Optional, Set, Available since v1.141.0) A list of Config Rule IDs. Seeconfig_rule_idsbelow.config_rules- (Optional, Set, Deprecated since v1.141.0) A list of Config Rules. Seeconfig_rulesbelow. NOTE: Fieldconfig_ruleshas been deprecated from provider version 1.141.0. New fieldconfig_rule_idsinstead.
config_rule_ids
The config_rule_ids supports the following:
config_rule_id- (Optional) The rule ID of Aggregate Config Rule.
config_rules
The config_rules supports the following:
managed_rule_identifier- (Required) The Managed Rule Identifier.config_rule_parameters- (Optional, Set) A list of parameter rules. Seeconfig_rule_parametersbelow.
config_rules-config_rule_parameters
The config_rule_parameters supports the following:
parameter_name- (Optional) The Parameter Name.parameter_value- (Optional) The Parameter Value.
Attributes Reference
The following attributes are exported:
id- The resource ID of Aggregate Compliance Pack. It formats as<aggregator_id>:<aggregator_compliance_pack_id>.aggregator_compliance_pack_id- The ID of the compliance package.status- The status of the Aggregate Compliance Pack.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 1 mins) Used when create the Aggregate Compliance Pack.update- (Defaults to 1 mins) Used when update the Aggregate Compliance Pack.delete- (Defaults to 1 mins) Used when delete the Aggregate Compliance Pack.
Import
Cloud Config Aggregate Compliance Pack can be imported using the id, e.g.
$ terraform import alicloud_config_aggregate_compliance_pack.example <aggregator_id>:<aggregator_compliance_pack_id>
该文章对您有帮助吗?