翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。
# ランディングゾーンのスキーマ
ランディングゾーンは、スキーマによって作成される AWS リソースです。AWS Control Tower ランディングゾーンバージョンには、それぞれ一意のスキーマがあります。
AWS Control Tower ランディングゾーンのバージョン 3.1 以降のスキーマは、互換性のあるバージョンの選択に役立つように、このリファレンスセクションで公開されています。
**注記**
ランディングゾーンバージョン 3.0 には、*不要なアクセスログ記録*に関する既知の問題があります。この問題はランディングゾーンバージョン 3.1 で解決されています。変更の詳細については、「[AWS Control Tower ランディングゾーンバージョン 3.1](2023-all.md#lz-3-1)」を参照してください。
## ランディングゾーン 4.0 スキーマ
```
{
"type": "object",
"required": [],
"properties": {
"accessManagement": {
"$ref": "#/definitions/AccessManagement"
},
"backup": {
"$ref": "#/definitions/Backup"
},
"centralizedLogging": {
"$ref": "#/definitions/CentralizedLogging"
},
"governedRegions": {
"type": "array",
"items": {
"type": "string",
"maxLength": 24,
"minLength": 1,
"pattern": "^[a-z]{2}-[a-z\\-]*-[0-9]{1}$",
"additionalProperties": false
},
"additionalProperties": false
},
"securityRoles": {
"$ref": "#/definitions/SecurityRoles"
},
"config": {
"$ref": "#/definitions/Config"
}
},
"additionalProperties": false,
"definitions": {
"AccessManagement": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"enabled": {
"type": "boolean",
"additionalProperties": false
}
},
"additionalProperties": false
},
"Backup": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"configurations": {
"$ref": "#/definitions/BackupConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"configurations"
]
}
},
"BackupAdminConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"BackupConfigurations": {
"type": "object",
"required": [
"backupAdmin",
"centralBackup",
"kmsKeyArn"
],
"properties": {
"backupAdmin": {
"$ref": "#/definitions/BackupAdminConfigurations"
},
"centralBackup": {
"$ref": "#/definitions/CentralBackupConfigurations"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralBackupConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralizedLogging": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"configurations": {
"$ref": "#/definitions/LoggingConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"accountId"
]
}
},
"LoggingConfigurations": {
"type": "object",
"properties": {
"accessLoggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
},
"loggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
}
},
"additionalProperties": false
},
"S3BucketConfiguration": {
"type": "object",
"properties": {
"retentionDays": {
"type": "number",
"minimum": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"SecurityRoles": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"enabled": {
"type": "boolean",
"additionalProperties": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"accountId"
]
}
},
"Config": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"configurations": {
"$ref": "#/definitions/ConfigConfiguration"
},
"enabled": {
"type": "boolean",
"additionalProperties": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"accountId"
]
}
},
"ConfigConfiguration": {
"type": "object",
"required": [],
"properties": {
"loggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"accessLoggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
}
}
}
}
}
```
## ランディングゾーン 3.3 のスキーマ
```
{
"type": "object",
"required": [
"centralizedLogging",
"organizationStructure",
"securityRoles"
],
"properties": {
"accessManagement": {
"$ref": "#/definitions/AccessManagement"
},
"backup": {
"$ref": "#/definitions/Backup"
},
"centralizedLogging": {
"$ref": "#/definitions/CentralizedLogging"
},
"governedRegions": {
"type": "array",
"items": {
"type": "string",
"maxLength": 24,
"minLength": 1,
"pattern": "^[a-z]{2}-[a-z\\-]*-[0-9]{1}$",
"additionalProperties": false
},
"additionalProperties": false
},
"organizationStructure": {
"$ref": "#/definitions/OrganizationStructure"
},
"securityRoles": {
"$ref": "#/definitions/SecurityRoles"
}
},
"additionalProperties": false,
"definitions": {
"AccessManagement": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"Backup": {
"type": "object",
"properties": {
"configurations": {
"$ref": "#/definitions/BackupConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"configurations"
]
}
},
"BackupAdminConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"BackupConfigurations": {
"type": "object",
"required": [
"backupAdmin",
"centralBackup",
"kmsKeyArn"
],
"properties": {
"backupAdmin": {
"$ref": "#/definitions/BackupAdminConfigurations"
},
"centralBackup": {
"$ref": "#/definitions/CentralBackupConfigurations"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralBackupConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralizedLogging": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"configurations": {
"$ref": "#/definitions/LoggingConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"LoggingConfigurations": {
"type": "object",
"properties": {
"accessLoggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
},
"loggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
}
},
"additionalProperties": false
},
"OrganizationalUnit": {
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"maxLength": 120,
"minLength": 1,
"pattern": "^[\\s\\S]*$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"OrganizationStructure": {
"type": "object",
"required": [
"security"
],
"properties": {
"sandbox": {
"$ref": "#/definitions/OrganizationalUnit"
},
"security": {
"$ref": "#/definitions/OrganizationalUnit"
}
},
"additionalProperties": false
},
"S3BucketConfiguration": {
"type": "object",
"properties": {
"retentionDays": {
"type": "number",
"minimum": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"SecurityRoles": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
}
}
}
```
## ランディングゾーン 3.2 のスキーマ
```
{
"type": "object",
"required": [
"centralizedLogging",
"organizationStructure",
"securityRoles"
],
"properties": {
"accessManagement": {
"$ref": "#/definitions/AccessManagement"
},
"backup": {
"$ref": "#/definitions/Backup"
},
"centralizedLogging": {
"$ref": "#/definitions/CentralizedLogging"
},
"governedRegions": {
"type": "array",
"items": {
"type": "string",
"maxLength": 24,
"minLength": 1,
"pattern": "^[a-z]{2}-[a-z\\-]*-[0-9]{1}$",
"additionalProperties": false
},
"additionalProperties": false
},
"organizationStructure": {
"$ref": "#/definitions/OrganizationStructure"
},
"securityRoles": {
"$ref": "#/definitions/SecurityRoles"
}
},
"additionalProperties": false,
"definitions": {
"AccessManagement": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"Backup": {
"type": "object",
"properties": {
"configurations": {
"$ref": "#/definitions/BackupConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"configurations"
]
}
},
"BackupAdminConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"BackupConfigurations": {
"type": "object",
"required": [
"backupAdmin",
"centralBackup",
"kmsKeyArn"
],
"properties": {
"backupAdmin": {
"$ref": "#/definitions/BackupAdminConfigurations"
},
"centralBackup": {
"$ref": "#/definitions/CentralBackupConfigurations"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralBackupConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralizedLogging": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"configurations": {
"$ref": "#/definitions/LoggingConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"LoggingConfigurations": {
"type": "object",
"properties": {
"accessLoggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
},
"loggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
}
},
"additionalProperties": false
},
"OrganizationalUnit": {
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"maxLength": 120,
"minLength": 1,
"pattern": "^[\\s\\S]*$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"OrganizationStructure": {
"type": "object",
"required": [
"security"
],
"properties": {
"sandbox": {
"$ref": "#/definitions/OrganizationalUnit"
},
"security": {
"$ref": "#/definitions/OrganizationalUnit"
}
},
"additionalProperties": false
},
"S3BucketConfiguration": {
"type": "object",
"properties": {
"retentionDays": {
"type": "number",
"minimum": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"SecurityRoles": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
}
}
}
```
## ランディングゾーン 3.1 のスキーマ
```
{
"type": "object",
"required": [
"centralizedLogging",
"organizationStructure",
"securityRoles"
],
"properties": {
"accessManagement": {
"$ref": "#/definitions/AccessManagement"
},
"backup": {
"$ref": "#/definitions/Backup"
},
"centralizedLogging": {
"$ref": "#/definitions/CentralizedLogging"
},
"governedRegions": {
"type": "array",
"items": {
"type": "string",
"maxLength": 24,
"minLength": 1,
"pattern": "^[a-z]{2}-[a-z\\-]*-[0-9]{1}$",
"additionalProperties": false
},
"additionalProperties": false
},
"organizationStructure": {
"$ref": "#/definitions/OrganizationStructure"
},
"securityRoles": {
"$ref": "#/definitions/SecurityRoles"
}
},
"additionalProperties": false,
"definitions": {
"AccessManagement": {
"type": "object",
"required": [
"enabled"
],
"properties": {
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"Backup": {
"type": "object",
"properties": {
"configurations": {
"$ref": "#/definitions/BackupConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": false
}
},
"additionalProperties": false,
"if": {
"properties": {
"enabled": {
"const": true
}
}
},
"then": {
"required": [
"configurations"
]
}
},
"BackupAdminConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"BackupConfigurations": {
"type": "object",
"required": [
"backupAdmin",
"centralBackup",
"kmsKeyArn"
],
"properties": {
"backupAdmin": {
"$ref": "#/definitions/BackupAdminConfigurations"
},
"centralBackup": {
"$ref": "#/definitions/CentralBackupConfigurations"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralBackupConfigurations": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"CentralizedLogging": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
},
"configurations": {
"$ref": "#/definitions/LoggingConfigurations"
},
"enabled": {
"type": "boolean",
"additionalProperties": false,
"default": true
}
},
"additionalProperties": false
},
"LoggingConfigurations": {
"type": "object",
"properties": {
"accessLoggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
},
"kmsKeyArn": {
"type": "string",
"maxLength": 2048,
"minLength": 1,
"additionalProperties": false
},
"loggingBucket": {
"$ref": "#/definitions/S3BucketConfiguration"
}
},
"additionalProperties": false
},
"OrganizationalUnit": {
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string",
"maxLength": 120,
"minLength": 1,
"pattern": "^[\\s\\S]*$",
"additionalProperties": false
}
},
"additionalProperties": false
},
"OrganizationStructure": {
"type": "object",
"required": [
"security"
],
"properties": {
"sandbox": {
"$ref": "#/definitions/OrganizationalUnit"
},
"security": {
"$ref": "#/definitions/OrganizationalUnit"
}
},
"additionalProperties": false
},
"S3BucketConfiguration": {
"type": "object",
"properties": {
"retentionDays": {
"type": "number",
"minimum": 1,
"additionalProperties": false
}
},
"additionalProperties": false
},
"SecurityRoles": {
"type": "object",
"required": [
"accountId"
],
"properties": {
"accountId": {
"type": "string",
"maxLength": 12,
"minLength": 12,
"pattern": "^\\d{12}$",
"additionalProperties": false
}
},
"additionalProperties": false
}
}
}
```