rules
Creates, updates, deletes or gets a rule resource or lists rules in a region
Overview
| Name | rules |
| Type | Resource |
| Description | Resource Type definition for AWS::Rbin::Rule |
| Id | aws.rbin.rules |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | Rule Arn is unique for each rule. |
identifier | string | The unique ID of the retention rule. |
description | string | The description of the retention rule. |
resource_tags | array | Information about the resource tags used to identify resources that are retained by the retention rule. |
exclude_resource_tags | array | Information about the exclude resource tags used to identify resources that are excluded by the retention rule. |
resource_type | string | The resource type retained by the retention rule. |
tags | array | Information about the tags assigned to the retention rule. |
retention_period | object | Information about the retention period for which the retention rule is to retain resources. |
status | string | The state of the retention rule. Only retention rules that are in the available state retain resources. |
lock_configuration | object | Information about the retention rule lock configuration. |
lock_state | string | The lock state for the retention rule. |
region | string | AWS region. |
For more information, see AWS::Rbin::Rule.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | RetentionPeriod, ResourceType, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all rules in a region.
SELECT
region,
arn,
identifier,
description,
resource_tags,
exclude_resource_tags,
resource_type,
tags,
retention_period,
status,
lock_configuration,
lock_state
FROM aws.rbin.rules
WHERE region = 'us-east-1';
Gets all properties from an individual rule.
SELECT
region,
arn,
identifier,
description,
resource_tags,
exclude_resource_tags,
resource_type,
tags,
retention_period,
status,
lock_configuration,
lock_state
FROM aws.rbin.rules
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';
INSERT example
Use the following StackQL query and manifest file to create a new rule resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.rbin.rules (
ResourceType,
RetentionPeriod,
region
)
SELECT
'{{ ResourceType }}',
'{{ RetentionPeriod }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.rbin.rules (
Description,
ResourceTags,
ExcludeResourceTags,
ResourceType,
Tags,
RetentionPeriod,
Status,
LockConfiguration,
region
)
SELECT
'{{ Description }}',
'{{ ResourceTags }}',
'{{ ExcludeResourceTags }}',
'{{ ResourceType }}',
'{{ Tags }}',
'{{ RetentionPeriod }}',
'{{ Status }}',
'{{ LockConfiguration }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: rule
props:
- name: Description
value: '{{ Description }}'
- name: ResourceTags
value:
- ResourceTagKey: '{{ ResourceTagKey }}'
ResourceTagValue: '{{ ResourceTagValue }}'
- name: ExcludeResourceTags
value:
- null
- name: ResourceType
value: '{{ ResourceType }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
- name: RetentionPeriod
value:
RetentionPeriodValue: '{{ RetentionPeriodValue }}'
RetentionPeriodUnit: '{{ RetentionPeriodUnit }}'
- name: Status
value: '{{ Status }}'
- name: LockConfiguration
value:
UnlockDelayValue: '{{ UnlockDelayValue }}'
UnlockDelayUnit: '{{ UnlockDelayUnit }}'
DELETE example
/*+ delete */
DELETE FROM aws.rbin.rules
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';
Permissions
To operate on the rules resource, the following permissions are required:
Create
rbin:CreateRule,
rbin:GetRule,
rbin:LockRule,
rbin:TagResource,
iam:PassRole
Read
rbin:GetRule,
rbin:ListTagsForResource,
iam:PassRole
Update
rbin:GetRule,
rbin:UpdateRule,
rbin:LockRule,
rbin:UnlockRule,
rbin:TagResource,
rbin:UntagResource,
rbin:ListTagsForResource,
iam:PassRole
Delete
rbin:GetRule,
rbin:DeleteRule,
iam:PassRole
List
rbin:ListRules,
rbin:ListTagsForResource,
iam:PassRole