AWS::Backup::Framework ControlScope

A framework consists of one or more controls. Each control has its own control scope. The control scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. If no scope is specified, evaluations for the rule are triggered when any resource in your recording group changes in configuration.

Note

To set a control scope that includes all of a particular resource, leave the ControlScope empty or do not pass it when calling CreateFramework.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "ComplianceResourceIds" : [ String, ... ],
  "ComplianceResourceTypes" : [ String, ... ],
  "Tags" : [ Tag, ... ]
}

YAML


  ComplianceResourceIds: 
    - String
  ComplianceResourceTypes: 
    - String
  Tags: 
    - Tag

Properties

ComplianceResourceIds

The ID of the only Amazon resource that you want your control scope to contain.

Required: No

Type: List of String

Maximum: 100

Update requires: No interruption

ComplianceResourceTypes

Describes whether the control scope includes one or more types of resources, such as EFS or RDS.

Required: No

Type: List of String

Update requires: No interruption

Tags

The tag key-value pair applied to those Amazon resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided. The tag value is optional, but it cannot be an empty string. The structure to assign a tag is: [{"Key":"string","Value":"string"}].

Required: No

Type: List of Tag

Update requires: No interruption

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

ControlInputParameter

FrameworkControl