AWS Route 53 Recovery Control Recoverycontrolconfig Safety Rule
This page shows how to write Terraform and CloudFormation for Route 53 Recovery Control Recoverycontrolconfig Safety Rule and write them securely.
aws_route53recoverycontrolconfig_safety_rule (Terraform)
The Recoverycontrolconfig Safety Rule in Route 53 Recovery Control can be configured in Terraform with the resource name aws_route53recoverycontrolconfig_safety_rule
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are supported:
control_panel_arn
- (Required) ARN of the control panel in which this safety rule will reside.name
- (Required) Name describing the safety rule.rule_config
- (Required) Configuration block for safety rule criteria. See below.wait_period_ms
- (Required) Evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail.
The following arguments are optional:
asserted_controls
- (Optional) Routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed.gating_controls
- (Optional) Gating controls for the new gating rule. That is, routing controls that are evaluated by the rule configuration that you specify.target_controls
- (Optional) Routing controls that can only be set or unset if the specifiedrule_config
evaluates to true for the specifiedgating_controls
.
rule_config
inverted
- (Required) Logical negation of the rule.threshold
- (Required) Number of controls that must be set when you specify anATLEAST
type rule.type
- (Required) Rule type. Valid values areATLEAST
,AND
, andOR
.
In addition to all arguments above, the following attributes are exported:
arn
- ARN of the safety rule.status
- Status of the safety rule.PENDING
when it is being created/updated,PENDING_DELETION
when it is being deleted, andDEPLOYED
otherwise.
Explanation in Terraform Registry
Provides an AWS Route 53 Recovery Control Config Safety Rule
AWS::Route53RecoveryControl::SafetyRule (CloudFormation)
The SafetyRule in Route53RecoveryControl can be configured in CloudFormation with the resource name AWS::Route53RecoveryControl::SafetyRule
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
AssertionRule
An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is On
after the transation so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.
Required: No
Type: AssertionRule
Update requires: No interruption
ControlPanelArn
The Amazon Resource Name (ARN) for the control panel.
Required: Yes
Type: String
Update requires: Replacement
GatingRule
A gating rule verifies that a gating routing control or set of gating rounting controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.
For example, if you specify one gating routing control and you set the Type
in the rule configuration to OR
, that indicates that you must set the gating routing control to On
for the rule to evaluate as true; that is, for the gating control "switch" to be "On". When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.
Required: No
Type: GatingRule
Update requires: No interruption
Name
The name of the assertion rule. You can use any non-white space character in the name.
Required: Yes
Type: String
Update requires: No interruption
RuleConfig
The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be ON
as the result of a transaction. For example, if you have three assertion controls, you might specify ATLEAST 2
for your rule configuration. This means that at least two assertion controls must be ON
, so that at least two AWS Regions have traffic flowing to them.
Required: Yes
Type: RuleConfig
Update requires: Replacement
Tags
Not currently supported by AWS CloudFormation.
Required: No
Type: List of Tag
Update requires: Replacement
Explanation in CloudFormation Registry
List the safety rules (the assertion rules and gating rules) that you've defined for the routing controls in a control panel.