AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::IoT::ScheduledAudit

CfnScheduledAudit

Use the `AWS::IoT::ScheduledAudit` resource to create a scheduled audit that is run at a specified time interval. For API reference, see [CreateScheduleAudit](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateScheduledAudit.html) and for general information, see [Audit](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-audit.html) .

Import

import { CfnScheduledAudit } from 'aws-cdk-lib/aws-iot';

Or use the module namespace:

import * as iot from 'aws-cdk-lib/aws-iot';
// iot.CfnScheduledAudit

Properties

Configuration passed to the constructor as CfnScheduledAuditProps.

frequencyRequired
string

How often the scheduled audit occurs.

targetCheckNamesRequired
string[]

Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.) The following checks are currently available: - `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK` - `CA_CERTIFICATE_EXPIRING_CHECK` - `CA_CERTIFICATE_KEY_QUALITY_CHECK` - `CONFLICTING_CLIENT_IDS_CHECK` - `DEVICE_CERTIFICATE_EXPIRING_CHECK` - `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK` - `DEVICE_CERTIFICATE_SHARED_CHECK` - `IOT_POLICY_OVERLY_PERMISSIVE_CHECK` - `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK` - `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK` - `LOGGING_DISABLED_CHECK` - `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK` - `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK` - `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`

dayOfMonthOptional
string

The day of the month on which the scheduled audit is run (if the `frequency` is "MONTHLY"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the "LAST" day of the month.

dayOfWeekOptional
string

The day of the week on which the scheduled audit is run (if the `frequency` is "WEEKLY" or "BIWEEKLY").

scheduledAuditNameOptional
string

The name of the scheduled audit.

tagsOptional
CfnTag[]

Metadata that can be used to manage the scheduled audit.

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::IoT::ScheduledAuditView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-iot
CFN TypeAWS::IoT::ScheduledAudit
Properties6

Related Constructs

Explore This Service

External Links