文档首页/ 配置审计 Config/ SDK参考/ 使用SDK为Config创建合规规则
更新时间:2025-03-26 GMT+08:00
查看PDF
分享

使用SDK为Config创建合规规则

示例简介

该示例展示了如何通过Java版本SDK为Config服务创建合规规则和查询合规规则。

合规规则通过指定合规策略和合规策略所应用的范围(如:在某一区域的某些资源)来构成合规规则。

开发前准备

  1. 获取华为云开发工具包(SDK),您也可以查看安装JAVA SDK。
  2. 您需要拥有华为云账号以及该账号对应的 Access Key(AK)和 Secret Access Key(SK),请在华为云控制台“我的凭证 > 访问密钥”页面上创建和查看您的AK/SK。具体请参见访问密钥
  3. 配置审计 Config SDK,支持 Java JDK 1.8 及其以上版本。

安装SDK

您可以通过Maven方式获取和安装SDK,您只需要在Java项目的pom.xml文件中加入相应的依赖项即可。 具体的SDK版本号请参见SDK开发中心

<dependency>
    <groupId>com.huaweicloud.sdk</groupId>
    <artifactId>huaweicloud-sdk-config</artifactId>
    <version>{sdk-version}</version>
</dependency>

代码示例

public class CreatePolicyAssignmentDemo {
    public static void main(String[] args) {
        // 认证用的ak和sk直接写到代码中有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;
        // 本示例以ak和sk保存在环境变量中来实现身份验证为例,运行本示例前请先在本地环境中设置环境变量HUAWEICLOUD_SDK_AK和HUAWEICLOUD_SDK_SK。
        String ak = System.getenv("HUAWEICLOUD_SDK_AK");
        String sk = System.getenv("HUAWEICLOUD_SDK_SK");
        String regionId = "<region id>";
        HttpConfig config = HttpConfig.getDefaultHttpConfig();
        config.withIgnoreSSLVerification(true);

        ICredential auth = new GlobalCredentials().withAk(ak).withSk(sk);
        ConfigClient client = ConfigClient.newBuilder().withHttpConfig(config).withCredential(auth)
            .withRegion(ConfigRegion.valueOf(regionId)).build();

        CreatePolicyAssignmentsRequest createRequest = new CreatePolicyAssignmentsRequest()
            .withBody(new PolicyAssignmentRequestBody().withPolicyAssignmentType(PolicyAssignmentRequestBody.PolicyAssignmentTypeEnum.BUILTIN)
                .withName("<Your policy_assignment_name>").withDescription("<Your policy_assignment_description>")
                .withPolicyFilter(new PolicyFilterDefinition()).withPolicyDefinitionId("<Your policy_definition_id>"));

        try {
            CreatePolicyAssignmentsResponse createResponse = client.createPolicyAssignments(createRequest);
            System.out.println(createResponse.toString());
            ShowPolicyAssignmentRequest showPolicyAssignmentRequest = new ShowPolicyAssignmentRequest()
                .withPolicyAssignmentId(createResponse.getId());
            ShowPolicyAssignmentResponse showResponse = client.showPolicyAssignment(showPolicyAssignmentRequest);
            System.out.println(showResponse.toString());
        } catch (ConnectionException | RequestTimeoutException | ServiceResponseException ex) {
            System.out.println(ex);
        }
    }
}

返回结果示例

class CreatePolicyAssignmentsResponse {
    policyAssignmentType: "policyAssignmentType"
    id: "id"
    name: "name"
    description: "description"
    policyFilter: class PolicyFilterDefinition {}
    period: "period"
    state: "state"
    created: "created"
    updated: "updated"
    policyDefinitionId: "policyDefinitionId"
    customPolicy: "customPolicy"
    parameters: {}
    createdBy: "createdBy"
}

class ShowPolicyAssignmentResponse {
    policyAssignmentType: "policyAssignmentType"
    id: "id"
    name: "name"
    description: "description"
    policyFilter: class PolicyFilterDefinition {}
    period: "period"
    state: "state"
    created: "created"
    updated: "updated"
    policyDefinitionId: "policyDefinitionId"
    customPolicy: "customPolicy"
    parameters: {}
    createdBy: "createdBy"
}

参考

更多信息请参考资源合规概述