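amazon-cloudformation - Passing a remediation action as a parameter in a CloudFormation template for AWS Config
Problem description
I am currently automating the creation of AWS Config rules with a CloudFormation template. I need to add a remediation action to the script to automate the non-compliant resources. I don't know how to add the remediation action as a parameter of the CloudFormation template. Can someone help me with this? Below is my code, but I am unable to create the stack.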
    {
      "Resources": {
        "AWSConfigRule": {
          "Type": "AWS::Config::ConfigRule",
          "Properties": {
            "ConfigRuleName": {
              "Ref": "ConfigRuleName"
            },
            "Description": "Checks whether Amazon Virtual Private Cloud flow logs are found and enabled for Amazon VPC.",
            "InputParameters": {
              "trafficType": {
                "Fn::If": [
                  "trafficType",
                  {
                    "Ref": "trafficType"
                  },
                  {
                    "Ref": "AWS::NoValue"
                  }
                ]
              }
            },
            "Scope": {},
            "Source": {
              "Owner": "AWS",
              "SourceIdentifier": "VPC_FLOW_LOGS_ENABLED"
            },
            "MaximumExecutionFrequency": {
              "Ref": "MaximumExecutionFrequency"
            },
            "RemediationConfigurations": {
              "Ref": "RemediationConfigurations"
            }
          }
        }
      },
      "Parameters": {
        "ConfigRuleName": {
          "Type": "String",
          "Default": "vpc-flow-logs-enabled",
          "Description": "The name that you assign to the AWS Config rule.",
          "MinLength": "1",
          "ConstraintDescription": "This parameter is required."
        },
        "MaximumExecutionFrequency": {
          "Type": "String",
          "Default": "TwentyFour_Hours",
          "Description": "The frequency that you want AWS Config to run evaluations for the rule.",
          "MinLength": "1",
          "ConstraintDescription": "This parameter is required.",
          "AllowedValues": [
            "One_Hour",
            "Three_Hours",
            "Six_Hours",
            "Twelve_Hours",
            "TwentyFour_Hours"
          ]
        },
        "trafficType": {
          "Type": "String",
          "Default": "",
          "Description": "TrafficType of flow logs"
        },
        "RemediationConfigurations": [
          {
            "TargetId": "AWS-PublishSNSNotification",
            "TargetType": "SSM_DOCUMENT"
          }
        ]
      }
    }
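Solution
For the Config rule there is no property such as "RemediationConfigurations" that you can use directly in CloudFormation. So you are better off invoking a Lambda function and using the function putremediationconfigurations to pass it via script.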
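A sketch of the Lambda approach the answer describes, added here as an example and not part of the original answer: it builds the request for the AWS Config `PutRemediationConfigurations` API (boto3 `put_remediation_configurations`) for the `AWS-PublishSNSNotification` document from the question. The event keys (`ConfigRuleName`, `TopicArn`, `RoleArn`, `Automatic`), the retry values and the helper names are assumptions; the role must be one that Systems Manager Automation can assume and that is limited to publishing to the one topic.

```python
import re

# Accepts only IAM and SNS ARNs with a 12-digit account id (region is empty for IAM).
ARN_RE = re.compile(r"^arn:aws[a-z-]*:(iam|sns):[a-z0-9-]*:\d{12}:.+$")

def static(value):
    """Wrap a literal in the StaticValue shape the API expects."""
    return {"StaticValue": {"Values": [value]}}

def build_remediation(rule_name, topic_arn, role_arn, automatic=False):
    """Build one RemediationConfigurations entry (hypothetical helper)."""
    for arn, service in ((topic_arn, "sns"), (role_arn, "iam")):
        match = ARN_RE.match(arn)
        if not match or match.group(1) != service:
            raise ValueError(f"expected a {service} ARN, got {arn!r}")
    # Refuse IAM users or other principals: Automation must assume a role.
    if not role_arn.split(":", 5)[5].startswith("role/"):
        raise ValueError("AutomationAssumeRole must be an IAM role ARN")
    config = {
        "ConfigRuleName": rule_name,
        "TargetType": "SSM_DOCUMENT",
        "TargetId": "AWS-PublishSNSNotification",
        "Parameters": {
            "AutomationAssumeRole": static(role_arn),
            "TopicArn": static(topic_arn),
            # RESOURCE_ID is replaced with the id of the non-compliant resource.
            "Message": {"ResourceValue": {"Value": "RESOURCE_ID"}},
        },
        "Automatic": automatic,
    }
    if automatic:
        # Required by the API when Automatic is true; values are assumptions.
        config["MaximumAutomaticAttempts"] = 3
        config["RetryAttemptSeconds"] = 60
    return config

def handler(event, context, client=None):
    """Lambda entry point; `client` is injectable so it can be tested offline."""
    if client is None:
        import boto3  # available in the Lambda Python runtime
        client = boto3.client("config")
    config = build_remediation(event["ConfigRuleName"], event["TopicArn"],
                               event["RoleArn"], event.get("Automatic", False))
    resp = client.put_remediation_configurations(RemediationConfigurations=[config])
    if resp.get("FailedBatches"):
        raise RuntimeError(f"remediation not applied: {resp['FailedBatches']}")
    return config
```

The Config rule must already exist when the function runs, so invoke it after the stack that creates the rule has completed.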