safety_rules
Creates, updates, deletes or gets a safety_rule resource or lists safety_rules in a region
Overview
| Name | safety_rules |
| Type | Resource |
| Description | Resource schema for AWS Route53 Recovery Control basic constructs and validation rules. |
| Id | awscc.route53recoverycontrol.safety_rules |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
assertion_rule | object | An assertion rule enforces that, when a routing control state is changed, that the criteria set by the rule configuration is met. Otherwise, the change to the routing control is not accepted. |
gating_rule | object | A gating rule verifies that a set of gating controls evaluates as true, based on a rule configuration that you specify. If the gating rule evaluates to true, Amazon Route 53 Application Recovery Controller allows a set of routing control state changes to run and complete against the set of target controls. |
name | string | The name for the safety rule. |
safety_rule_arn | string | The Amazon Resource Name (ARN) of the safety rule. |
control_panel_arn | string | The Amazon Resource Name (ARN) of the control panel. |
status | string | The deployment status of the routing control. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION. |
rule_config | object | The rule configuration for an assertion rule or gating rule. This is the criteria that you set for specific assertion controls (routing controls) or gating controls. This configuration specifies how many controls must be enabled after a transaction completes. |
tags | array | A collection of tags associated with a resource |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
safety_rule_arn | string | The Amazon Resource Name (ARN) of the safety rule. |
region | string | AWS region. |
For more information, see AWS::Route53RecoveryControl::SafetyRule.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | safety_rules | INSERT | , region |
delete_resource | safety_rules | DELETE | Identifier, region |
update_resource | safety_rules | UPDATE | Identifier, PatchDocument, region |
list_resources | safety_rules_list_only | SELECT | region |
get_resource | safety_rules | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual safety_rule.
SELECT
region,
assertion_rule,
gating_rule,
name,
safety_rule_arn,
control_panel_arn,
status,
rule_config,
tags
FROM awscc.route53recoverycontrol.safety_rules
WHERE
region = 'us-east-1' AND
Identifier = '{{ safety_rule_arn }}';
Lists all safety_rules in a region.
SELECT
region,
safety_rule_arn
FROM awscc.route53recoverycontrol.safety_rules_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new safety_rule resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.route53recoverycontrol.safety_rules (
,
region
)
SELECT
'{{ }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.route53recoverycontrol.safety_rules (
AssertionRule,
GatingRule,
Name,
ControlPanelArn,
RuleConfig,
Tags,
region
)
SELECT
'{{ assertion_rule }}',
'{{ gating_rule }}',
'{{ name }}',
'{{ control_panel_arn }}',
'{{ rule_config }}',
'{{ tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: safety_rule
props:
- name: assertion_rule
value:
wait_period_ms: '{{ wait_period_ms }}'
asserted_controls:
- '{{ asserted_controls[0] }}'
- name: gating_rule
value:
gating_controls:
- '{{ gating_controls[0] }}'
target_controls:
- '{{ target_controls[0] }}'
wait_period_ms: '{{ wait_period_ms }}'
- name: name
value: '{{ name }}'
- name: control_panel_arn
value: '{{ control_panel_arn }}'
- name: rule_config
value:
type: '{{ type }}'
threshold: '{{ threshold }}'
inverted: '{{ inverted }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
UPDATE example
Use the following StackQL query and manifest file to update a safety_rule resource, using stack-deploy.
/*+ update */
UPDATE awscc.route53recoverycontrol.safety_rules
SET PatchDocument = string('{{ {
"AssertionRule": assertion_rule,
"GatingRule": gating_rule,
"Name": name,
"ControlPanelArn": control_panel_arn,
"RuleConfig": rule_config,
"Tags": tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ safety_rule_arn }}';
DELETE example
/*+ delete */
DELETE FROM awscc.route53recoverycontrol.safety_rules
WHERE
Identifier = '{{ safety_rule_arn }}' AND
region = 'us-east-1';
Permissions
To operate on the safety_rules resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
route53-recovery-control-config:CreateSafetyRule,
route53-recovery-control-config:DescribeSafetyRule,
route53-recovery-control-config:DescribeControlPanel,
route53-recovery-control-config:DescribeRoutingControl,
route53-recovery-control-config:ListTagsForResource,
route53-recovery-control-config:TagResource
route53-recovery-control-config:DescribeSafetyRule,
route53-recovery-control-config:ListTagsForResource
route53-recovery-control-config:UpdateSafetyRule,
route53-recovery-control-config:DescribeSafetyRule,
route53-recovery-control-config:ListTagsForResource,
route53-recovery-control-config:TagResource,
route53-recovery-control-config:UntagResource
route53-recovery-control-config:DescribeSafetyRule,
route53-recovery-control-config:DeleteSafetyRule
route53-recovery-control-config:ListSafetyRules