aws_sdk_config/operation/put_organization_config_rule/builders.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199
// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
pub use crate::operation::put_organization_config_rule::_put_organization_config_rule_output::PutOrganizationConfigRuleOutputBuilder;
pub use crate::operation::put_organization_config_rule::_put_organization_config_rule_input::PutOrganizationConfigRuleInputBuilder;
impl crate::operation::put_organization_config_rule::builders::PutOrganizationConfigRuleInputBuilder {
/// Sends a request with this input using the given client.
pub async fn send_with(
self,
client: &crate::Client,
) -> ::std::result::Result<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let mut fluent_builder = client.put_organization_config_rule();
fluent_builder.inner = self;
fluent_builder.send().await
}
}
/// Fluent builder constructing a request to `PutOrganizationConfigRule`.
///
/// <p>Adds or updates an Config rule for your entire organization to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see <a href="https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html"> <b>Service Limits</b> </a> in the <i>Config Developer Guide</i>.</p>
/// <p>Only a management account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations <code>ListDelegatedAdministrator</code> permissions are added. An organization can have up to 3 delegated administrators.</p>
/// <p>This API enables organization service access through the <code>EnableAWSServiceAccess</code> action and creates a service-linked role <code>AWSServiceRoleForConfigMultiAccountSetup</code> in the management or delegated administrator account of your organization. The service-linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with <code>GetRole</code> action.</p>
/// <p>To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization <code>register-delegated-administrator</code> for <code>config-multiaccountsetup.amazonaws.com</code>.</p>
/// <p>There are two types of rules: <i>Config Managed Rules</i> and <i>Config Custom Rules</i>. You can use <code>PutOrganizationConfigRule</code> to create both Config Managed Rules and Config Custom Rules.</p>
/// <p>Config Managed Rules are predefined, customizable rules created by Config. For a list of managed rules, see <a href="https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html">List of Config Managed Rules</a>. If you are adding an Config managed rule, you must specify the rule's identifier for the <code>RuleIdentifier</code> key.</p>
/// <p>Config Custom Rules are rules that you create from scratch. There are two ways to create Config custom rules: with Lambda functions (<a href="https://docs.aws.amazon.com/config/latest/developerguide/gettingstarted-concepts.html#gettingstarted-concepts-function"> Lambda Developer Guide</a>) and with Guard (<a href="https://github.com/aws-cloudformation/cloudformation-guard">Guard GitHub Repository</a>), a policy-as-code language. Config custom rules created with Lambda are called <i>Config Custom Lambda Rules</i> and Config custom rules created with Guard are called <i>Config Custom Policy Rules</i>.</p>
/// <p>If you are adding a new Config Custom Lambda rule, you first need to create an Lambda function in the management account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed account that can be assumed by the Lambda function. When you use <code>PutOrganizationConfigRule</code> to add a Custom Lambda rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function.</p><note>
/// <p>Prerequisite: Ensure you call <code>EnableAllFeatures</code> API to enable all features in an organization.</p>
/// <p>Make sure to specify one of either <code>OrganizationCustomPolicyRuleMetadata</code> for Custom Policy rules, <code>OrganizationCustomRuleMetadata</code> for Custom Lambda rules, or <code>OrganizationManagedRuleMetadata</code> for managed rules.</p>
/// </note>
#[derive(::std::clone::Clone, ::std::fmt::Debug)]
pub struct PutOrganizationConfigRuleFluentBuilder {
handle: ::std::sync::Arc<crate::client::Handle>,
inner: crate::operation::put_organization_config_rule::builders::PutOrganizationConfigRuleInputBuilder,
config_override: ::std::option::Option<crate::config::Builder>,
}
impl
crate::client::customize::internal::CustomizableSend<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleOutput,
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleError,
> for PutOrganizationConfigRuleFluentBuilder
{
fn send(
self,
config_override: crate::config::Builder,
) -> crate::client::customize::internal::BoxFuture<
crate::client::customize::internal::SendResult<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleOutput,
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleError,
>,
> {
::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
}
}
impl PutOrganizationConfigRuleFluentBuilder {
/// Creates a new `PutOrganizationConfigRuleFluentBuilder`.
pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
Self {
handle,
inner: ::std::default::Default::default(),
config_override: ::std::option::Option::None,
}
}
/// Access the PutOrganizationConfigRule as a reference.
pub fn as_input(&self) -> &crate::operation::put_organization_config_rule::builders::PutOrganizationConfigRuleInputBuilder {
&self.inner
}
/// Sends the request and returns the response.
///
/// If an error occurs, an `SdkError` will be returned with additional details that
/// can be matched against.
///
/// By default, any retryable failures will be retried twice. Retry behavior
/// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
/// set when configuring the client.
pub async fn send(
self,
) -> ::std::result::Result<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let input = self
.inner
.build()
.map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
let runtime_plugins = crate::operation::put_organization_config_rule::PutOrganizationConfigRule::operation_runtime_plugins(
self.handle.runtime_plugins.clone(),
&self.handle.conf,
self.config_override,
);
crate::operation::put_organization_config_rule::PutOrganizationConfigRule::orchestrate(&runtime_plugins, input).await
}
/// Consumes this builder, creating a customizable operation that can be modified before being sent.
pub fn customize(
self,
) -> crate::client::customize::CustomizableOperation<
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleOutput,
crate::operation::put_organization_config_rule::PutOrganizationConfigRuleError,
Self,
> {
crate::client::customize::CustomizableOperation::new(self)
}
pub(crate) fn config_override(mut self, config_override: impl ::std::convert::Into<crate::config::Builder>) -> Self {
self.set_config_override(::std::option::Option::Some(config_override.into()));
self
}
pub(crate) fn set_config_override(&mut self, config_override: ::std::option::Option<crate::config::Builder>) -> &mut Self {
self.config_override = config_override;
self
}
/// <p>The name that you assign to an organization Config rule.</p>
pub fn organization_config_rule_name(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.organization_config_rule_name(input.into());
self
}
/// <p>The name that you assign to an organization Config rule.</p>
pub fn set_organization_config_rule_name(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_organization_config_rule_name(input);
self
}
/// <p>The name that you assign to an organization Config rule.</p>
pub fn get_organization_config_rule_name(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_organization_config_rule_name()
}
/// <p>An <code>OrganizationManagedRuleMetadata</code> object. This object specifies organization managed rule metadata such as resource type and ID of Amazon Web Services resource along with the rule identifier. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn organization_managed_rule_metadata(mut self, input: crate::types::OrganizationManagedRuleMetadata) -> Self {
self.inner = self.inner.organization_managed_rule_metadata(input);
self
}
/// <p>An <code>OrganizationManagedRuleMetadata</code> object. This object specifies organization managed rule metadata such as resource type and ID of Amazon Web Services resource along with the rule identifier. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn set_organization_managed_rule_metadata(mut self, input: ::std::option::Option<crate::types::OrganizationManagedRuleMetadata>) -> Self {
self.inner = self.inner.set_organization_managed_rule_metadata(input);
self
}
/// <p>An <code>OrganizationManagedRuleMetadata</code> object. This object specifies organization managed rule metadata such as resource type and ID of Amazon Web Services resource along with the rule identifier. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn get_organization_managed_rule_metadata(&self) -> &::std::option::Option<crate::types::OrganizationManagedRuleMetadata> {
self.inner.get_organization_managed_rule_metadata()
}
/// <p>An <code>OrganizationCustomRuleMetadata</code> object. This object specifies organization custom rule metadata such as resource type, resource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn organization_custom_rule_metadata(mut self, input: crate::types::OrganizationCustomRuleMetadata) -> Self {
self.inner = self.inner.organization_custom_rule_metadata(input);
self
}
/// <p>An <code>OrganizationCustomRuleMetadata</code> object. This object specifies organization custom rule metadata such as resource type, resource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn set_organization_custom_rule_metadata(mut self, input: ::std::option::Option<crate::types::OrganizationCustomRuleMetadata>) -> Self {
self.inner = self.inner.set_organization_custom_rule_metadata(input);
self
}
/// <p>An <code>OrganizationCustomRuleMetadata</code> object. This object specifies organization custom rule metadata such as resource type, resource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.</p>
pub fn get_organization_custom_rule_metadata(&self) -> &::std::option::Option<crate::types::OrganizationCustomRuleMetadata> {
self.inner.get_organization_custom_rule_metadata()
}
///
/// Appends an item to `ExcludedAccounts`.
///
/// To override the contents of this collection use [`set_excluded_accounts`](Self::set_excluded_accounts).
///
/// <p>A comma-separated list of accounts that you want to exclude from an organization Config rule.</p>
pub fn excluded_accounts(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.excluded_accounts(input.into());
self
}
/// <p>A comma-separated list of accounts that you want to exclude from an organization Config rule.</p>
pub fn set_excluded_accounts(mut self, input: ::std::option::Option<::std::vec::Vec<::std::string::String>>) -> Self {
self.inner = self.inner.set_excluded_accounts(input);
self
}
/// <p>A comma-separated list of accounts that you want to exclude from an organization Config rule.</p>
pub fn get_excluded_accounts(&self) -> &::std::option::Option<::std::vec::Vec<::std::string::String>> {
self.inner.get_excluded_accounts()
}
/// <p>An <code>OrganizationCustomPolicyRuleMetadata</code> object. This object specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.</p>
pub fn organization_custom_policy_rule_metadata(mut self, input: crate::types::OrganizationCustomPolicyRuleMetadata) -> Self {
self.inner = self.inner.organization_custom_policy_rule_metadata(input);
self
}
/// <p>An <code>OrganizationCustomPolicyRuleMetadata</code> object. This object specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.</p>
pub fn set_organization_custom_policy_rule_metadata(
mut self,
input: ::std::option::Option<crate::types::OrganizationCustomPolicyRuleMetadata>,
) -> Self {
self.inner = self.inner.set_organization_custom_policy_rule_metadata(input);
self
}
/// <p>An <code>OrganizationCustomPolicyRuleMetadata</code> object. This object specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.</p>
pub fn get_organization_custom_policy_rule_metadata(&self) -> &::std::option::Option<crate::types::OrganizationCustomPolicyRuleMetadata> {
self.inner.get_organization_custom_policy_rule_metadata()
}
}