Modify¶
Used to modify the local metadata for Config Rules created by the RDK. This command takes the same arguments as the create command (all of them optional), and overwrites the Rule metadata for any flag specified. Changes made using modify are not automatically pushed out to your AWS Account, and must be deployed as usual using the deploy command.
usage: rdk modify <rulename> [--runtime <runtime>] [--resource-types <resource types>] [--maximum-frequency <max execution frequency>] [--input-parameters <parameter JSON>] [--tags <tags JSON>] [--rulesets <RuleSet tags>]
Positional Arguments¶
| <rulename> | Rule name to create/modify |
Named Arguments¶
| -R, --runtime | Possible choices: nodejs4.3, java8, python2.7, python3.6, python3.6-lib, python3.7, dotnetcore1.0, dotnetcore2.0 Runtime for lambda function |
| --source-identifier | |
| [optional] Used only for creating Managed Rules. | |
| -r, --resource-types | |
| [optional] Resource types that will trigger event-based Rule evaluation | |
| -m, --maximum-frequency | |
Possible choices: One_Hour, Three_Hours, Six_Hours, Twelve_Hours, TwentyFour_Hours [optional] Maximum execution frequency for scheduled Rules | |
| -i, --input-parameters | |
| [optional] JSON for required Config parameters. | |
| --optional-parameters | |
| [optional] JSON for optional Config parameters. | |
| --tags | [optional] JSON for tags to be applied to all CFN created resources. |
| -s, --rulesets | [optional] comma-delimited list of RuleSet names to add this Rule to. |
| --remediation-action | |
| [optional] SSM document for remediation. | |
| --remediation-action-version | |
| [optional] SSM document version for remediation action. | |
| --auto-remediate | |
[optional] Set the SSM remediation to trigger automatically. Default: False | |
| --auto-remediation-retry-attempts | |
| [optional] Number of times to retry automated remediation. | |
| --auto-remediation-retry-time | |
| [optional] Duration of automated remediation retries. | |
| --remediation-concurrent-execution-percent | |
| [optional] Concurrent execution rate of the SSM document for remediation. | |
| --remediation-error-rate-percent | |
| [optional] Error rate that will mark the batch as “failed” for SSM remediation execution. | |
| --remediation-resource-id-parameter | |
| [optional] Parameter that will be passed to SSM remediation document. | |
| --remediation-parameters | |
| [optional] JSON-formatted string of additional parameters required by the SSM document. | |