Updated on 2024-10-15 GMT+08:00

Editing a Rule

Scenario

You can modify, enable, disable, or delete a rule at any time.

You can perform these operations in the rule list or on the Rules Details page. This section describes how to modify, enable, disable, or delete a rule through the rule list.

  • The resource recorder must be enabled for adding, modifying, enabling, or triggering a rule. If the resource recorder is disabled, you can only view, disable, and delete rules.
  • You cannot modify, disable, enable, or delete an individual organization rule that is deployed to your account or an individual rule of a conformance package. Only the organization administrator or delegated administrator of Config who creates the organization rule can modify or delete it. To modify or delete a rule of a conformance package, modify or delete the package. For details, see Organization Rules and Conformance Packages.

Disabling a Rule

  1. Log in to the management console.
  2. Click in the upper left corner. Under Management & Governance, click Config.
  3. In the navigation pane on the left, choose Resource Compliance.
  4. On the Rules tab, locate a target rule and click Disable in the Operation column.
  5. In the displayed dialog box, click OK.

    Figure 1 Disabling a rule

Enabling a Rule

  1. Log in to the management console.
  2. Click in the upper left corner. Under Management & Governance, click Config.
  3. In the navigation pane on the left, choose Resource Compliance.
  4. On the Rules tab, locate a target rule and click Enable in the Operation column.
  5. In the displayed dialog box, click OK.

    After a rule is enabled, it will be automatically triggered immediately.

    Figure 2 Enabling a rule

Modifying a Rule

  1. Log in to the management console.
  2. Click in the upper left corner. Under Management & Governance, click Config.
  3. In the navigation pane on the left, choose Resource Compliance.
  4. On the Rules tab, locate a target rule and click More > Modify in the Operation column.

    Figure 3 Modifying a rule

  5. On Basic Configurations page, modify the rule description and name and click Next.
  6. On the Configure Rule Parameters page, configure required parameters and click Next.

    The configuration items that you can modify vary for different policies.

    • Filter Type: Can be modified when Trigger Type is set to Configuration change
    • Resource Scope: Can be modified when Trigger Type is set to Configuration change
    • Filter Scope: Can be modified when Trigger Type is set to Configuration change.
    • Execute Every: Can be modified when Trigger Type is set to Periodic execution.
    • Configure Rule Parameters: For a rule created with a predefined policy, you can only modify the values of parameters for Configure Rule Parameters. For a custom rule, you can add, delete, and modify related parameters.

  7. Confirm the modifications and click Submit.

    After a rule is modified, it will be automatically triggered.

Deleting a Rule

To delete a rule, you need to disable the rule first. If a rule has remediation configured, you also need to delete the remediation.

  1. Log in to the management console.
  2. Click in the upper left corner. Under Management & Governance, click Config.
  3. In the navigation pane on the left, choose Resource Compliance.
  4. On the Rules tab, locate a target rule and click More > Delete in the Operation column.

    Figure 4 Deleting a rule

  5. Click OK.