Documentation ¶
Index ¶
- type AggregateAuthorization
- type AggregateAuthorizationArgs
- type AggregateAuthorizationState
- type ConfigurationAggregator
- type ConfigurationAggregatorAccountAggregationSource
- type ConfigurationAggregatorAccountAggregationSourceArgs
- func (ConfigurationAggregatorAccountAggregationSourceArgs) ElementType() reflect.Type
- func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutput() ConfigurationAggregatorAccountAggregationSourceOutput
- func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourceOutput
- func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
- func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
- type ConfigurationAggregatorAccountAggregationSourceInput
- type ConfigurationAggregatorAccountAggregationSourceOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) AccountIds() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) AllRegions() pulumi.BoolPtrOutput
- func (ConfigurationAggregatorAccountAggregationSourceOutput) ElementType() reflect.Type
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) Regions() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutput() ConfigurationAggregatorAccountAggregationSourceOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourceOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
- func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
- type ConfigurationAggregatorAccountAggregationSourcePtrInput
- type ConfigurationAggregatorAccountAggregationSourcePtrOutput
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) AccountIds() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) AllRegions() pulumi.BoolPtrOutput
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) Elem() ConfigurationAggregatorAccountAggregationSourceOutput
- func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) ElementType() reflect.Type
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) Regions() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
- func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
- type ConfigurationAggregatorArgs
- type ConfigurationAggregatorOrganizationAggregationSource
- type ConfigurationAggregatorOrganizationAggregationSourceArgs
- func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ElementType() reflect.Type
- func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutput() ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- type ConfigurationAggregatorOrganizationAggregationSourceInput
- type ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) AllRegions() pulumi.BoolPtrOutput
- func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ElementType() reflect.Type
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) Regions() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) RoleArn() pulumi.StringOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutput() ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- type ConfigurationAggregatorOrganizationAggregationSourcePtrInput
- type ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) AllRegions() pulumi.BoolPtrOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) Elem() ConfigurationAggregatorOrganizationAggregationSourceOutput
- func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ElementType() reflect.Type
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) Regions() pulumi.StringArrayOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) RoleArn() pulumi.StringPtrOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
- type ConfigurationAggregatorState
- type DeliveryChannel
- type DeliveryChannelArgs
- type DeliveryChannelSnapshotDeliveryProperties
- type DeliveryChannelSnapshotDeliveryPropertiesArgs
- func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ElementType() reflect.Type
- func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutput() DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- type DeliveryChannelSnapshotDeliveryPropertiesInput
- type DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) DeliveryFrequency() pulumi.StringPtrOutput
- func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ElementType() reflect.Type
- func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutput() DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- type DeliveryChannelSnapshotDeliveryPropertiesPtrInput
- type DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) DeliveryFrequency() pulumi.StringPtrOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) Elem() DeliveryChannelSnapshotDeliveryPropertiesOutput
- func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ElementType() reflect.Type
- func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
- type DeliveryChannelState
- type OrganizationCustomRule
- type OrganizationCustomRuleArgs
- type OrganizationCustomRuleState
- type OrganizationManagedRule
- type OrganizationManagedRuleArgs
- type OrganizationManagedRuleState
- type Recorder
- type RecorderArgs
- type RecorderRecordingGroup
- type RecorderRecordingGroupArgs
- func (RecorderRecordingGroupArgs) ElementType() reflect.Type
- func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutput() RecorderRecordingGroupOutput
- func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutputWithContext(ctx context.Context) RecorderRecordingGroupOutput
- func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
- func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
- type RecorderRecordingGroupInput
- type RecorderRecordingGroupOutput
- func (o RecorderRecordingGroupOutput) AllSupported() pulumi.BoolPtrOutput
- func (RecorderRecordingGroupOutput) ElementType() reflect.Type
- func (o RecorderRecordingGroupOutput) IncludeGlobalResourceTypes() pulumi.BoolPtrOutput
- func (o RecorderRecordingGroupOutput) ResourceTypes() pulumi.StringArrayOutput
- func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutput() RecorderRecordingGroupOutput
- func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutputWithContext(ctx context.Context) RecorderRecordingGroupOutput
- func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
- func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
- type RecorderRecordingGroupPtrInput
- type RecorderRecordingGroupPtrOutput
- func (o RecorderRecordingGroupPtrOutput) AllSupported() pulumi.BoolPtrOutput
- func (o RecorderRecordingGroupPtrOutput) Elem() RecorderRecordingGroupOutput
- func (RecorderRecordingGroupPtrOutput) ElementType() reflect.Type
- func (o RecorderRecordingGroupPtrOutput) IncludeGlobalResourceTypes() pulumi.BoolPtrOutput
- func (o RecorderRecordingGroupPtrOutput) ResourceTypes() pulumi.StringArrayOutput
- func (o RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
- func (o RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
- type RecorderState
- type RecorderStatus
- type RecorderStatusArgs
- type RecorderStatusState
- type Rule
- type RuleArgs
- type RuleScope
- type RuleScopeArgs
- func (RuleScopeArgs) ElementType() reflect.Type
- func (i RuleScopeArgs) ToRuleScopeOutput() RuleScopeOutput
- func (i RuleScopeArgs) ToRuleScopeOutputWithContext(ctx context.Context) RuleScopeOutput
- func (i RuleScopeArgs) ToRuleScopePtrOutput() RuleScopePtrOutput
- func (i RuleScopeArgs) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
- type RuleScopeInput
- type RuleScopeOutput
- func (o RuleScopeOutput) ComplianceResourceId() pulumi.StringPtrOutput
- func (o RuleScopeOutput) ComplianceResourceTypes() pulumi.StringArrayOutput
- func (RuleScopeOutput) ElementType() reflect.Type
- func (o RuleScopeOutput) TagKey() pulumi.StringPtrOutput
- func (o RuleScopeOutput) TagValue() pulumi.StringPtrOutput
- func (o RuleScopeOutput) ToRuleScopeOutput() RuleScopeOutput
- func (o RuleScopeOutput) ToRuleScopeOutputWithContext(ctx context.Context) RuleScopeOutput
- func (o RuleScopeOutput) ToRuleScopePtrOutput() RuleScopePtrOutput
- func (o RuleScopeOutput) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
- type RuleScopePtrInput
- type RuleScopePtrOutput
- func (o RuleScopePtrOutput) ComplianceResourceId() pulumi.StringPtrOutput
- func (o RuleScopePtrOutput) ComplianceResourceTypes() pulumi.StringArrayOutput
- func (o RuleScopePtrOutput) Elem() RuleScopeOutput
- func (RuleScopePtrOutput) ElementType() reflect.Type
- func (o RuleScopePtrOutput) TagKey() pulumi.StringPtrOutput
- func (o RuleScopePtrOutput) TagValue() pulumi.StringPtrOutput
- func (o RuleScopePtrOutput) ToRuleScopePtrOutput() RuleScopePtrOutput
- func (o RuleScopePtrOutput) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
- type RuleSource
- type RuleSourceArgs
- func (RuleSourceArgs) ElementType() reflect.Type
- func (i RuleSourceArgs) ToRuleSourceOutput() RuleSourceOutput
- func (i RuleSourceArgs) ToRuleSourceOutputWithContext(ctx context.Context) RuleSourceOutput
- func (i RuleSourceArgs) ToRuleSourcePtrOutput() RuleSourcePtrOutput
- func (i RuleSourceArgs) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
- type RuleSourceInput
- type RuleSourceOutput
- func (RuleSourceOutput) ElementType() reflect.Type
- func (o RuleSourceOutput) Owner() pulumi.StringOutput
- func (o RuleSourceOutput) SourceDetails() RuleSourceSourceDetailArrayOutput
- func (o RuleSourceOutput) SourceIdentifier() pulumi.StringOutput
- func (o RuleSourceOutput) ToRuleSourceOutput() RuleSourceOutput
- func (o RuleSourceOutput) ToRuleSourceOutputWithContext(ctx context.Context) RuleSourceOutput
- func (o RuleSourceOutput) ToRuleSourcePtrOutput() RuleSourcePtrOutput
- func (o RuleSourceOutput) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
- type RuleSourcePtrInput
- type RuleSourcePtrOutput
- func (o RuleSourcePtrOutput) Elem() RuleSourceOutput
- func (RuleSourcePtrOutput) ElementType() reflect.Type
- func (o RuleSourcePtrOutput) Owner() pulumi.StringPtrOutput
- func (o RuleSourcePtrOutput) SourceDetails() RuleSourceSourceDetailArrayOutput
- func (o RuleSourcePtrOutput) SourceIdentifier() pulumi.StringPtrOutput
- func (o RuleSourcePtrOutput) ToRuleSourcePtrOutput() RuleSourcePtrOutput
- func (o RuleSourcePtrOutput) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
- type RuleSourceSourceDetail
- type RuleSourceSourceDetailArgs
- type RuleSourceSourceDetailArray
- func (RuleSourceSourceDetailArray) ElementType() reflect.Type
- func (i RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutput() RuleSourceSourceDetailArrayOutput
- func (i RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutputWithContext(ctx context.Context) RuleSourceSourceDetailArrayOutput
- type RuleSourceSourceDetailArrayInput
- type RuleSourceSourceDetailArrayOutput
- func (RuleSourceSourceDetailArrayOutput) ElementType() reflect.Type
- func (o RuleSourceSourceDetailArrayOutput) Index(i pulumi.IntInput) RuleSourceSourceDetailOutput
- func (o RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutput() RuleSourceSourceDetailArrayOutput
- func (o RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutputWithContext(ctx context.Context) RuleSourceSourceDetailArrayOutput
- type RuleSourceSourceDetailInput
- type RuleSourceSourceDetailOutput
- func (RuleSourceSourceDetailOutput) ElementType() reflect.Type
- func (o RuleSourceSourceDetailOutput) EventSource() pulumi.StringPtrOutput
- func (o RuleSourceSourceDetailOutput) MaximumExecutionFrequency() pulumi.StringPtrOutput
- func (o RuleSourceSourceDetailOutput) MessageType() pulumi.StringPtrOutput
- func (o RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutput() RuleSourceSourceDetailOutput
- func (o RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutputWithContext(ctx context.Context) RuleSourceSourceDetailOutput
- type RuleState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AggregateAuthorization ¶
type AggregateAuthorization struct { pulumi.CustomResourceState // Account ID AccountId pulumi.StringOutput `pulumi:"accountId"` // The ARN of the authorization Arn pulumi.StringOutput `pulumi:"arn"` // Region Region pulumi.StringOutput `pulumi:"region"` // A map of tags to assign to the resource. Tags pulumi.StringMapOutput `pulumi:"tags"` }
Manages an AWS Config Aggregate Authorization
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := cfg.NewAggregateAuthorization(ctx, "example", &cfg.AggregateAuthorizationArgs{ AccountId: pulumi.String("123456789012"), Region: pulumi.String("eu-west-2"), }) if err != nil { return err } return nil }) }
```
func GetAggregateAuthorization ¶
func GetAggregateAuthorization(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AggregateAuthorizationState, opts ...pulumi.ResourceOption) (*AggregateAuthorization, error)
GetAggregateAuthorization gets an existing AggregateAuthorization resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAggregateAuthorization ¶
func NewAggregateAuthorization(ctx *pulumi.Context, name string, args *AggregateAuthorizationArgs, opts ...pulumi.ResourceOption) (*AggregateAuthorization, error)
NewAggregateAuthorization registers a new resource with the given unique name, arguments, and options.
type AggregateAuthorizationArgs ¶
type AggregateAuthorizationArgs struct { // Account ID AccountId pulumi.StringInput // Region Region pulumi.StringInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }
The set of arguments for constructing a AggregateAuthorization resource.
func (AggregateAuthorizationArgs) ElementType ¶
func (AggregateAuthorizationArgs) ElementType() reflect.Type
type AggregateAuthorizationState ¶
type AggregateAuthorizationState struct { // Account ID AccountId pulumi.StringPtrInput // The ARN of the authorization Arn pulumi.StringPtrInput // Region Region pulumi.StringPtrInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }
func (AggregateAuthorizationState) ElementType ¶
func (AggregateAuthorizationState) ElementType() reflect.Type
type ConfigurationAggregator ¶
type ConfigurationAggregator struct { pulumi.CustomResourceState // The account(s) to aggregate config data from as documented below. AccountAggregationSource ConfigurationAggregatorAccountAggregationSourcePtrOutput `pulumi:"accountAggregationSource"` // The ARN of the aggregator Arn pulumi.StringOutput `pulumi:"arn"` // The name of the configuration aggregator. Name pulumi.StringOutput `pulumi:"name"` // The organization to aggregate config data from as documented below. OrganizationAggregationSource ConfigurationAggregatorOrganizationAggregationSourcePtrOutput `pulumi:"organizationAggregationSource"` // A map of tags to assign to the resource. Tags pulumi.StringMapOutput `pulumi:"tags"` }
Manages an AWS Config Configuration Aggregator
## Example Usage ### Account Based Aggregation
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := cfg.NewConfigurationAggregator(ctx, "account", &cfg.ConfigurationAggregatorArgs{ AccountAggregationSource: &cfg.ConfigurationAggregatorAccountAggregationSourceArgs{ AccountIds: pulumi.StringArray{ pulumi.String("123456789012"), }, Regions: pulumi.StringArray{ pulumi.String("us-west-2"), }, }, }) if err != nil { return err } return nil }) }
``` ### Organization Based Aggregation
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/iam" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { organizationRole, err := iam.NewRole(ctx, "organizationRole", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Sid\": \"\",\n", " \"Effect\": \"Allow\",\n", " \"Principal\": {\n", " \"Service\": \"config.amazonaws.com\"\n", " },\n", " \"Action\": \"sts:AssumeRole\"\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } organizationRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, "organizationRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{ Role: organizationRole.Name, PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations"), }) if err != nil { return err } _, err = cfg.NewConfigurationAggregator(ctx, "organizationConfigurationAggregator", &cfg.ConfigurationAggregatorArgs{ OrganizationAggregationSource: &cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{ AllRegions: pulumi.Bool(true), RoleArn: organizationRole.Arn, }, }, pulumi.DependsOn([]pulumi.Resource{ organizationRolePolicyAttachment, })) if err != nil { return err } return nil }) }
```
func GetConfigurationAggregator ¶
func GetConfigurationAggregator(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ConfigurationAggregatorState, opts ...pulumi.ResourceOption) (*ConfigurationAggregator, error)
GetConfigurationAggregator gets an existing ConfigurationAggregator resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewConfigurationAggregator ¶
func NewConfigurationAggregator(ctx *pulumi.Context, name string, args *ConfigurationAggregatorArgs, opts ...pulumi.ResourceOption) (*ConfigurationAggregator, error)
NewConfigurationAggregator registers a new resource with the given unique name, arguments, and options.
type ConfigurationAggregatorAccountAggregationSource ¶
type ConfigurationAggregatorAccountAggregationSource struct { // List of 12-digit account IDs of the account(s) being aggregated. AccountIds []string `pulumi:"accountIds"` // If true, aggregate existing AWS Config regions and future regions. AllRegions *bool `pulumi:"allRegions"` // List of source regions being aggregated. Regions []string `pulumi:"regions"` }
type ConfigurationAggregatorAccountAggregationSourceArgs ¶
type ConfigurationAggregatorAccountAggregationSourceArgs struct { // List of 12-digit account IDs of the account(s) being aggregated. AccountIds pulumi.StringArrayInput `pulumi:"accountIds"` // If true, aggregate existing AWS Config regions and future regions. AllRegions pulumi.BoolPtrInput `pulumi:"allRegions"` // List of source regions being aggregated. Regions pulumi.StringArrayInput `pulumi:"regions"` }
func (ConfigurationAggregatorAccountAggregationSourceArgs) ElementType ¶
func (ConfigurationAggregatorAccountAggregationSourceArgs) ElementType() reflect.Type
func (ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutput ¶
func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutput() ConfigurationAggregatorAccountAggregationSourceOutput
func (ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext ¶
func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourceOutput
func (ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutput ¶
func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
func (ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext ¶
func (i ConfigurationAggregatorAccountAggregationSourceArgs) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
type ConfigurationAggregatorAccountAggregationSourceInput ¶
type ConfigurationAggregatorAccountAggregationSourceInput interface { pulumi.Input ToConfigurationAggregatorAccountAggregationSourceOutput() ConfigurationAggregatorAccountAggregationSourceOutput ToConfigurationAggregatorAccountAggregationSourceOutputWithContext(context.Context) ConfigurationAggregatorAccountAggregationSourceOutput }
ConfigurationAggregatorAccountAggregationSourceInput is an input type that accepts ConfigurationAggregatorAccountAggregationSourceArgs and ConfigurationAggregatorAccountAggregationSourceOutput values. You can construct a concrete instance of `ConfigurationAggregatorAccountAggregationSourceInput` via:
ConfigurationAggregatorAccountAggregationSourceArgs{...}
type ConfigurationAggregatorAccountAggregationSourceOutput ¶
type ConfigurationAggregatorAccountAggregationSourceOutput struct{ *pulumi.OutputState }
func (ConfigurationAggregatorAccountAggregationSourceOutput) AccountIds ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) AccountIds() pulumi.StringArrayOutput
List of 12-digit account IDs of the account(s) being aggregated.
func (ConfigurationAggregatorAccountAggregationSourceOutput) AllRegions ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) AllRegions() pulumi.BoolPtrOutput
If true, aggregate existing AWS Config regions and future regions.
func (ConfigurationAggregatorAccountAggregationSourceOutput) ElementType ¶
func (ConfigurationAggregatorAccountAggregationSourceOutput) ElementType() reflect.Type
func (ConfigurationAggregatorAccountAggregationSourceOutput) Regions ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) Regions() pulumi.StringArrayOutput
List of source regions being aggregated.
func (ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutput ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutput() ConfigurationAggregatorAccountAggregationSourceOutput
func (ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourceOutput
func (ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
func (ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext ¶
func (o ConfigurationAggregatorAccountAggregationSourceOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
type ConfigurationAggregatorAccountAggregationSourcePtrInput ¶
type ConfigurationAggregatorAccountAggregationSourcePtrInput interface { pulumi.Input ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput }
ConfigurationAggregatorAccountAggregationSourcePtrInput is an input type that accepts ConfigurationAggregatorAccountAggregationSourceArgs, ConfigurationAggregatorAccountAggregationSourcePtr and ConfigurationAggregatorAccountAggregationSourcePtrOutput values. You can construct a concrete instance of `ConfigurationAggregatorAccountAggregationSourcePtrInput` via:
ConfigurationAggregatorAccountAggregationSourceArgs{...} or: nil
func ConfigurationAggregatorAccountAggregationSourcePtr ¶
func ConfigurationAggregatorAccountAggregationSourcePtr(v *ConfigurationAggregatorAccountAggregationSourceArgs) ConfigurationAggregatorAccountAggregationSourcePtrInput
type ConfigurationAggregatorAccountAggregationSourcePtrOutput ¶
type ConfigurationAggregatorAccountAggregationSourcePtrOutput struct{ *pulumi.OutputState }
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) AccountIds ¶
func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) AccountIds() pulumi.StringArrayOutput
List of 12-digit account IDs of the account(s) being aggregated.
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) AllRegions ¶
func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) AllRegions() pulumi.BoolPtrOutput
If true, aggregate existing AWS Config regions and future regions.
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) ElementType ¶
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) ElementType() reflect.Type
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) Regions ¶
func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) Regions() pulumi.StringArrayOutput
List of source regions being aggregated.
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput ¶
func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutput() ConfigurationAggregatorAccountAggregationSourcePtrOutput
func (ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext ¶
func (o ConfigurationAggregatorAccountAggregationSourcePtrOutput) ToConfigurationAggregatorAccountAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorAccountAggregationSourcePtrOutput
type ConfigurationAggregatorArgs ¶
type ConfigurationAggregatorArgs struct { // The account(s) to aggregate config data from as documented below. AccountAggregationSource ConfigurationAggregatorAccountAggregationSourcePtrInput // The name of the configuration aggregator. Name pulumi.StringPtrInput // The organization to aggregate config data from as documented below. OrganizationAggregationSource ConfigurationAggregatorOrganizationAggregationSourcePtrInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }
The set of arguments for constructing a ConfigurationAggregator resource.
func (ConfigurationAggregatorArgs) ElementType ¶
func (ConfigurationAggregatorArgs) ElementType() reflect.Type
type ConfigurationAggregatorOrganizationAggregationSource ¶
type ConfigurationAggregatorOrganizationAggregationSource struct { // If true, aggregate existing AWS Config regions and future regions. AllRegions *bool `pulumi:"allRegions"` // List of source regions being aggregated. Regions []string `pulumi:"regions"` // ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account. RoleArn string `pulumi:"roleArn"` }
type ConfigurationAggregatorOrganizationAggregationSourceArgs ¶
type ConfigurationAggregatorOrganizationAggregationSourceArgs struct { // If true, aggregate existing AWS Config regions and future regions. AllRegions pulumi.BoolPtrInput `pulumi:"allRegions"` // List of source regions being aggregated. Regions pulumi.StringArrayInput `pulumi:"regions"` // ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account. RoleArn pulumi.StringInput `pulumi:"roleArn"` }
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ElementType ¶
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ElementType() reflect.Type
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutput ¶
func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutput() ConfigurationAggregatorOrganizationAggregationSourceOutput
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext ¶
func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourceOutput
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput ¶
func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
func (ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext ¶
func (i ConfigurationAggregatorOrganizationAggregationSourceArgs) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
type ConfigurationAggregatorOrganizationAggregationSourceInput ¶
type ConfigurationAggregatorOrganizationAggregationSourceInput interface { pulumi.Input ToConfigurationAggregatorOrganizationAggregationSourceOutput() ConfigurationAggregatorOrganizationAggregationSourceOutput ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext(context.Context) ConfigurationAggregatorOrganizationAggregationSourceOutput }
ConfigurationAggregatorOrganizationAggregationSourceInput is an input type that accepts ConfigurationAggregatorOrganizationAggregationSourceArgs and ConfigurationAggregatorOrganizationAggregationSourceOutput values. You can construct a concrete instance of `ConfigurationAggregatorOrganizationAggregationSourceInput` via:
ConfigurationAggregatorOrganizationAggregationSourceArgs{...}
type ConfigurationAggregatorOrganizationAggregationSourceOutput ¶
type ConfigurationAggregatorOrganizationAggregationSourceOutput struct{ *pulumi.OutputState }
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) AllRegions ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) AllRegions() pulumi.BoolPtrOutput
If true, aggregate existing AWS Config regions and future regions.
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ElementType ¶
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ElementType() reflect.Type
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) Regions ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) Regions() pulumi.StringArrayOutput
List of source regions being aggregated.
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) RoleArn ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) RoleArn() pulumi.StringOutput
ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutput ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutput() ConfigurationAggregatorOrganizationAggregationSourceOutput
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourceOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourceOutput
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
func (ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext ¶
func (o ConfigurationAggregatorOrganizationAggregationSourceOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
type ConfigurationAggregatorOrganizationAggregationSourcePtrInput ¶
type ConfigurationAggregatorOrganizationAggregationSourcePtrInput interface { pulumi.Input ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput }
ConfigurationAggregatorOrganizationAggregationSourcePtrInput is an input type that accepts ConfigurationAggregatorOrganizationAggregationSourceArgs, ConfigurationAggregatorOrganizationAggregationSourcePtr and ConfigurationAggregatorOrganizationAggregationSourcePtrOutput values. You can construct a concrete instance of `ConfigurationAggregatorOrganizationAggregationSourcePtrInput` via:
ConfigurationAggregatorOrganizationAggregationSourceArgs{...} or: nil
func ConfigurationAggregatorOrganizationAggregationSourcePtr ¶
func ConfigurationAggregatorOrganizationAggregationSourcePtr(v *ConfigurationAggregatorOrganizationAggregationSourceArgs) ConfigurationAggregatorOrganizationAggregationSourcePtrInput
type ConfigurationAggregatorOrganizationAggregationSourcePtrOutput ¶
type ConfigurationAggregatorOrganizationAggregationSourcePtrOutput struct{ *pulumi.OutputState }
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) AllRegions ¶
func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) AllRegions() pulumi.BoolPtrOutput
If true, aggregate existing AWS Config regions and future regions.
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ElementType ¶
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ElementType() reflect.Type
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) Regions ¶
func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) Regions() pulumi.StringArrayOutput
List of source regions being aggregated.
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) RoleArn ¶
func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) RoleArn() pulumi.StringPtrOutput
ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput ¶
func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutput() ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
func (ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext ¶
func (o ConfigurationAggregatorOrganizationAggregationSourcePtrOutput) ToConfigurationAggregatorOrganizationAggregationSourcePtrOutputWithContext(ctx context.Context) ConfigurationAggregatorOrganizationAggregationSourcePtrOutput
type ConfigurationAggregatorState ¶
type ConfigurationAggregatorState struct { // The account(s) to aggregate config data from as documented below. AccountAggregationSource ConfigurationAggregatorAccountAggregationSourcePtrInput // The ARN of the aggregator Arn pulumi.StringPtrInput // The name of the configuration aggregator. Name pulumi.StringPtrInput // The organization to aggregate config data from as documented below. OrganizationAggregationSource ConfigurationAggregatorOrganizationAggregationSourcePtrInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }
func (ConfigurationAggregatorState) ElementType ¶
func (ConfigurationAggregatorState) ElementType() reflect.Type
type DeliveryChannel ¶
type DeliveryChannel struct { pulumi.CustomResourceState // The name of the delivery channel. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringOutput `pulumi:"name"` // The name of the S3 bucket used to store the configuration history. S3BucketName pulumi.StringOutput `pulumi:"s3BucketName"` // The prefix for the specified S3 bucket. S3KeyPrefix pulumi.StringPtrOutput `pulumi:"s3KeyPrefix"` // Options for how AWS Config delivers configuration snapshots. See below SnapshotDeliveryProperties DeliveryChannelSnapshotDeliveryPropertiesPtrOutput `pulumi:"snapshotDeliveryProperties"` // The ARN of the SNS topic that AWS Config delivers notifications to. SnsTopicArn pulumi.StringPtrOutput `pulumi:"snsTopicArn"` }
Provides an AWS Config Delivery Channel.
> **Note:** Delivery Channel requires a `Configuration Recorder` to be present. Use of `dependsOn` (as shown below) is recommended to avoid race conditions.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/iam" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/s3" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { bucket, err := s3.NewBucket(ctx, "bucket", &s3.BucketArgs{ ForceDestroy: pulumi.Bool(true), }) if err != nil { return err } role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"config.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } fooRecorder, err := cfg.NewRecorder(ctx, "fooRecorder", &cfg.RecorderArgs{ RoleArn: role.Arn, }) if err != nil { return err } _, err = cfg.NewDeliveryChannel(ctx, "fooDeliveryChannel", &cfg.DeliveryChannelArgs{ S3BucketName: bucket.Bucket, }, pulumi.DependsOn([]pulumi.Resource{ fooRecorder, })) if err != nil { return err } _, err = iam.NewRolePolicy(ctx, "rolePolicy", &iam.RolePolicyArgs{ Role: role.ID(), Policy: pulumi.All(bucket.Arn, bucket.Arn).ApplyT(func(_args []interface{}) (string, error) { bucketArn := _args[0].(string) bucketArn1 := _args[1].(string) return fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"s3:*\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": [\n", " \"", bucketArn, "\",\n", " \"", bucketArn1, "/*\"\n", " ]\n", " }\n", " ]\n", "}\n"), nil }).(pulumi.StringOutput), }) if err != nil { return err } return nil }) }
```
func GetDeliveryChannel ¶
func GetDeliveryChannel(ctx *pulumi.Context, name string, id pulumi.IDInput, state *DeliveryChannelState, opts ...pulumi.ResourceOption) (*DeliveryChannel, error)
GetDeliveryChannel gets an existing DeliveryChannel resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewDeliveryChannel ¶
func NewDeliveryChannel(ctx *pulumi.Context, name string, args *DeliveryChannelArgs, opts ...pulumi.ResourceOption) (*DeliveryChannel, error)
NewDeliveryChannel registers a new resource with the given unique name, arguments, and options.
type DeliveryChannelArgs ¶
type DeliveryChannelArgs struct { // The name of the delivery channel. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringPtrInput // The name of the S3 bucket used to store the configuration history. S3BucketName pulumi.StringInput // The prefix for the specified S3 bucket. S3KeyPrefix pulumi.StringPtrInput // Options for how AWS Config delivers configuration snapshots. See below SnapshotDeliveryProperties DeliveryChannelSnapshotDeliveryPropertiesPtrInput // The ARN of the SNS topic that AWS Config delivers notifications to. SnsTopicArn pulumi.StringPtrInput }
The set of arguments for constructing a DeliveryChannel resource.
func (DeliveryChannelArgs) ElementType ¶
func (DeliveryChannelArgs) ElementType() reflect.Type
type DeliveryChannelSnapshotDeliveryProperties ¶
type DeliveryChannelSnapshotDeliveryProperties struct { // - The frequency with which AWS Config recurringly delivers configuration snapshots. // e.g. `One_Hour` or `Three_Hours`. // Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents). DeliveryFrequency *string `pulumi:"deliveryFrequency"` }
type DeliveryChannelSnapshotDeliveryPropertiesArgs ¶
type DeliveryChannelSnapshotDeliveryPropertiesArgs struct { // - The frequency with which AWS Config recurringly delivers configuration snapshots. // e.g. `One_Hour` or `Three_Hours`. // Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents). DeliveryFrequency pulumi.StringPtrInput `pulumi:"deliveryFrequency"` }
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ElementType ¶
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ElementType() reflect.Type
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutput ¶
func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutput() DeliveryChannelSnapshotDeliveryPropertiesOutput
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext ¶
func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesOutput
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput ¶
func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
func (DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext ¶
func (i DeliveryChannelSnapshotDeliveryPropertiesArgs) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
type DeliveryChannelSnapshotDeliveryPropertiesInput ¶
type DeliveryChannelSnapshotDeliveryPropertiesInput interface { pulumi.Input ToDeliveryChannelSnapshotDeliveryPropertiesOutput() DeliveryChannelSnapshotDeliveryPropertiesOutput ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext(context.Context) DeliveryChannelSnapshotDeliveryPropertiesOutput }
DeliveryChannelSnapshotDeliveryPropertiesInput is an input type that accepts DeliveryChannelSnapshotDeliveryPropertiesArgs and DeliveryChannelSnapshotDeliveryPropertiesOutput values. You can construct a concrete instance of `DeliveryChannelSnapshotDeliveryPropertiesInput` via:
DeliveryChannelSnapshotDeliveryPropertiesArgs{...}
type DeliveryChannelSnapshotDeliveryPropertiesOutput ¶
type DeliveryChannelSnapshotDeliveryPropertiesOutput struct{ *pulumi.OutputState }
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) DeliveryFrequency ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) DeliveryFrequency() pulumi.StringPtrOutput
- The frequency with which AWS Config recurringly delivers configuration snapshots. e.g. `One_Hour` or `Three_Hours`. Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents).
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ElementType ¶
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ElementType() reflect.Type
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutput ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutput() DeliveryChannelSnapshotDeliveryPropertiesOutput
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesOutput
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
func (DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
type DeliveryChannelSnapshotDeliveryPropertiesPtrInput ¶
type DeliveryChannelSnapshotDeliveryPropertiesPtrInput interface { pulumi.Input ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput }
DeliveryChannelSnapshotDeliveryPropertiesPtrInput is an input type that accepts DeliveryChannelSnapshotDeliveryPropertiesArgs, DeliveryChannelSnapshotDeliveryPropertiesPtr and DeliveryChannelSnapshotDeliveryPropertiesPtrOutput values. You can construct a concrete instance of `DeliveryChannelSnapshotDeliveryPropertiesPtrInput` via:
DeliveryChannelSnapshotDeliveryPropertiesArgs{...} or: nil
func DeliveryChannelSnapshotDeliveryPropertiesPtr ¶
func DeliveryChannelSnapshotDeliveryPropertiesPtr(v *DeliveryChannelSnapshotDeliveryPropertiesArgs) DeliveryChannelSnapshotDeliveryPropertiesPtrInput
type DeliveryChannelSnapshotDeliveryPropertiesPtrOutput ¶
type DeliveryChannelSnapshotDeliveryPropertiesPtrOutput struct{ *pulumi.OutputState }
func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) DeliveryFrequency ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) DeliveryFrequency() pulumi.StringPtrOutput
- The frequency with which AWS Config recurringly delivers configuration snapshots. e.g. `One_Hour` or `Three_Hours`. Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents).
func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ElementType ¶
func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ElementType() reflect.Type
func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutput() DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
func (DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext ¶
func (o DeliveryChannelSnapshotDeliveryPropertiesPtrOutput) ToDeliveryChannelSnapshotDeliveryPropertiesPtrOutputWithContext(ctx context.Context) DeliveryChannelSnapshotDeliveryPropertiesPtrOutput
type DeliveryChannelState ¶
type DeliveryChannelState struct { // The name of the delivery channel. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringPtrInput // The name of the S3 bucket used to store the configuration history. S3BucketName pulumi.StringPtrInput // The prefix for the specified S3 bucket. S3KeyPrefix pulumi.StringPtrInput // Options for how AWS Config delivers configuration snapshots. See below SnapshotDeliveryProperties DeliveryChannelSnapshotDeliveryPropertiesPtrInput // The ARN of the SNS topic that AWS Config delivers notifications to. SnsTopicArn pulumi.StringPtrInput }
func (DeliveryChannelState) ElementType ¶
func (DeliveryChannelState) ElementType() reflect.Type
type OrganizationCustomRule ¶
type OrganizationCustomRule struct { pulumi.CustomResourceState // Amazon Resource Name (ARN) of the rule Arn pulumi.StringOutput `pulumi:"arn"` // Description of the rule Description pulumi.StringPtrOutput `pulumi:"description"` // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayOutput `pulumi:"excludedAccounts"` // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrOutput `pulumi:"inputParameters"` // Amazon Resource Name (ARN) of the rule Lambda Function LambdaFunctionArn pulumi.StringOutput `pulumi:"lambdaFunctionArn"` // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrOutput `pulumi:"maximumExecutionFrequency"` // The name of the rule Name pulumi.StringOutput `pulumi:"name"` // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrOutput `pulumi:"resourceIdScope"` // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayOutput `pulumi:"resourceTypesScopes"` // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrOutput `pulumi:"tagKeyScope"` // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrOutput `pulumi:"tagValueScope"` // List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification` TriggerTypes pulumi.StringArrayOutput `pulumi:"triggerTypes"` }
Manages a Config Organization Custom Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.
> **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excludedAccounts` argument.
> **NOTE:** The proper Lambda permission to allow the AWS Config service invoke the Lambda Function must be in place before the rule will successfully create or update. See also the `lambda.Permission` resource.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/lambda" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { examplePermission, err := lambda.NewPermission(ctx, "examplePermission", &lambda.PermissionArgs{ Action: pulumi.String("lambda:InvokeFunction"), Function: pulumi.Any(aws_lambda_function.Example.Arn), Principal: pulumi.String("config.amazonaws.com"), }) if err != nil { return err } exampleOrganization, err := organizations.NewOrganization(ctx, "exampleOrganization", &organizations.OrganizationArgs{ AwsServiceAccessPrincipals: pulumi.StringArray{ pulumi.String("config-multiaccountsetup.amazonaws.com"), }, FeatureSet: pulumi.String("ALL"), }) if err != nil { return err } _, err = cfg.NewOrganizationCustomRule(ctx, "exampleOrganizationCustomRule", &cfg.OrganizationCustomRuleArgs{ LambdaFunctionArn: pulumi.Any(aws_lambda_function.Example.Arn), TriggerTypes: pulumi.StringArray{ pulumi.String("ConfigurationItemChangeNotification"), }, }, pulumi.DependsOn([]pulumi.Resource{ examplePermission, exampleOrganization, })) if err != nil { return err } return nil }) }
```
func GetOrganizationCustomRule ¶
func GetOrganizationCustomRule(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OrganizationCustomRuleState, opts ...pulumi.ResourceOption) (*OrganizationCustomRule, error)
GetOrganizationCustomRule gets an existing OrganizationCustomRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOrganizationCustomRule ¶
func NewOrganizationCustomRule(ctx *pulumi.Context, name string, args *OrganizationCustomRuleArgs, opts ...pulumi.ResourceOption) (*OrganizationCustomRule, error)
NewOrganizationCustomRule registers a new resource with the given unique name, arguments, and options.
type OrganizationCustomRuleArgs ¶
type OrganizationCustomRuleArgs struct { // Description of the rule Description pulumi.StringPtrInput // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayInput // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrInput // Amazon Resource Name (ARN) of the rule Lambda Function LambdaFunctionArn pulumi.StringInput // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrInput // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayInput // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrInput // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrInput // List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification` TriggerTypes pulumi.StringArrayInput }
The set of arguments for constructing a OrganizationCustomRule resource.
func (OrganizationCustomRuleArgs) ElementType ¶
func (OrganizationCustomRuleArgs) ElementType() reflect.Type
type OrganizationCustomRuleState ¶
type OrganizationCustomRuleState struct { // Amazon Resource Name (ARN) of the rule Arn pulumi.StringPtrInput // Description of the rule Description pulumi.StringPtrInput // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayInput // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrInput // Amazon Resource Name (ARN) of the rule Lambda Function LambdaFunctionArn pulumi.StringPtrInput // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrInput // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayInput // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrInput // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrInput // List of notification types that trigger AWS Config to run an evaluation for the rule. Valid values: `ConfigurationItemChangeNotification`, `OversizedConfigurationItemChangeNotification`, and `ScheduledNotification` TriggerTypes pulumi.StringArrayInput }
func (OrganizationCustomRuleState) ElementType ¶
func (OrganizationCustomRuleState) ElementType() reflect.Type
type OrganizationManagedRule ¶
type OrganizationManagedRule struct { pulumi.CustomResourceState // Amazon Resource Name (ARN) of the rule Arn pulumi.StringOutput `pulumi:"arn"` // Description of the rule Description pulumi.StringPtrOutput `pulumi:"description"` // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayOutput `pulumi:"excludedAccounts"` // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrOutput `pulumi:"inputParameters"` // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrOutput `pulumi:"maximumExecutionFrequency"` // The name of the rule Name pulumi.StringOutput `pulumi:"name"` // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrOutput `pulumi:"resourceIdScope"` // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayOutput `pulumi:"resourceTypesScopes"` // Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation RuleIdentifier pulumi.StringOutput `pulumi:"ruleIdentifier"` // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrOutput `pulumi:"tagKeyScope"` // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrOutput `pulumi:"tagValueScope"` }
Manages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `cfg.OrganizationCustomRule` resource.
> **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excludedAccounts` argument.
> **NOTE:** Every Organization account except those configured in the `excludedAccounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `cfg.Recorder` resource.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleOrganization, err := organizations.NewOrganization(ctx, "exampleOrganization", &organizations.OrganizationArgs{ AwsServiceAccessPrincipals: pulumi.StringArray{ pulumi.String("config-multiaccountsetup.amazonaws.com"), }, FeatureSet: pulumi.String("ALL"), }) if err != nil { return err } _, err = cfg.NewOrganizationManagedRule(ctx, "exampleOrganizationManagedRule", &cfg.OrganizationManagedRuleArgs{ RuleIdentifier: pulumi.String("IAM_PASSWORD_POLICY"), }, pulumi.DependsOn([]pulumi.Resource{ exampleOrganization, })) if err != nil { return err } return nil }) }
```
func GetOrganizationManagedRule ¶
func GetOrganizationManagedRule(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OrganizationManagedRuleState, opts ...pulumi.ResourceOption) (*OrganizationManagedRule, error)
GetOrganizationManagedRule gets an existing OrganizationManagedRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOrganizationManagedRule ¶
func NewOrganizationManagedRule(ctx *pulumi.Context, name string, args *OrganizationManagedRuleArgs, opts ...pulumi.ResourceOption) (*OrganizationManagedRule, error)
NewOrganizationManagedRule registers a new resource with the given unique name, arguments, and options.
type OrganizationManagedRuleArgs ¶
type OrganizationManagedRuleArgs struct { // Description of the rule Description pulumi.StringPtrInput // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayInput // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrInput // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrInput // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayInput // Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation RuleIdentifier pulumi.StringInput // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrInput // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrInput }
The set of arguments for constructing a OrganizationManagedRule resource.
func (OrganizationManagedRuleArgs) ElementType ¶
func (OrganizationManagedRuleArgs) ElementType() reflect.Type
type OrganizationManagedRuleState ¶
type OrganizationManagedRuleState struct { // Amazon Resource Name (ARN) of the rule Arn pulumi.StringPtrInput // Description of the rule Description pulumi.StringPtrInput // List of AWS account identifiers to exclude from the rule ExcludedAccounts pulumi.StringArrayInput // A string in JSON format that is passed to the AWS Config Rule Lambda Function InputParameters pulumi.StringPtrInput // The maximum frequency with which AWS Config runs evaluations for a rule, if the rule is triggered at a periodic frequency. Defaults to `TwentyFour_Hours` for periodic frequency triggered rules. Valid values: `One_Hour`, `Three_Hours`, `Six_Hours`, `Twelve_Hours`, or `TwentyFour_Hours`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // Identifier of the AWS resource to evaluate ResourceIdScope pulumi.StringPtrInput // List of types of AWS resources to evaluate ResourceTypesScopes pulumi.StringArrayInput // Identifier of an available AWS Config Managed Rule to call. For available values, see the [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) documentation RuleIdentifier pulumi.StringPtrInput // Tag key of AWS resources to evaluate TagKeyScope pulumi.StringPtrInput // Tag value of AWS resources to evaluate TagValueScope pulumi.StringPtrInput }
func (OrganizationManagedRuleState) ElementType ¶
func (OrganizationManagedRuleState) ElementType() reflect.Type
type Recorder ¶
type Recorder struct { pulumi.CustomResourceState // The name of the recorder. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringOutput `pulumi:"name"` // Recording group - see below. RecordingGroup RecorderRecordingGroupOutput `pulumi:"recordingGroup"` // Amazon Resource Name (ARN) of the IAM role. // used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. // See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details. RoleArn pulumi.StringOutput `pulumi:"roleArn"` }
Provides an AWS Config Configuration Recorder. Please note that this resource **does not start** the created recorder automatically.
> **Note:** _Starting_ the Configuration Recorder requires a `delivery channel` (while delivery channel creation requires Configuration Recorder). This is why `cfg.RecorderStatus` is a separate resource.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/iam" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"config.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } _, err = cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ RoleArn: role.Arn, }) if err != nil { return err } return nil }) }
```
func GetRecorder ¶
func GetRecorder(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RecorderState, opts ...pulumi.ResourceOption) (*Recorder, error)
GetRecorder gets an existing Recorder resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRecorder ¶
func NewRecorder(ctx *pulumi.Context, name string, args *RecorderArgs, opts ...pulumi.ResourceOption) (*Recorder, error)
NewRecorder registers a new resource with the given unique name, arguments, and options.
type RecorderArgs ¶
type RecorderArgs struct { // The name of the recorder. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringPtrInput // Recording group - see below. RecordingGroup RecorderRecordingGroupPtrInput // Amazon Resource Name (ARN) of the IAM role. // used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. // See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details. RoleArn pulumi.StringInput }
The set of arguments for constructing a Recorder resource.
func (RecorderArgs) ElementType ¶
func (RecorderArgs) ElementType() reflect.Type
type RecorderRecordingGroup ¶
type RecorderRecordingGroup struct { // Specifies whether AWS Config records configuration changes // for every supported type of regional resource (which includes any new type that will become supported in the future). // Conflicts with `resourceTypes`. Defaults to `true`. AllSupported *bool `pulumi:"allSupported"` // Specifies whether AWS Config includes all supported types of *global resources* // with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`. IncludeGlobalResourceTypes *bool `pulumi:"includeGlobalResourceTypes"` // A list that specifies the types of AWS resources for which // AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). // See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. ResourceTypes []string `pulumi:"resourceTypes"` }
type RecorderRecordingGroupArgs ¶
type RecorderRecordingGroupArgs struct { // Specifies whether AWS Config records configuration changes // for every supported type of regional resource (which includes any new type that will become supported in the future). // Conflicts with `resourceTypes`. Defaults to `true`. AllSupported pulumi.BoolPtrInput `pulumi:"allSupported"` // Specifies whether AWS Config includes all supported types of *global resources* // with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`. IncludeGlobalResourceTypes pulumi.BoolPtrInput `pulumi:"includeGlobalResourceTypes"` // A list that specifies the types of AWS resources for which // AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). // See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. ResourceTypes pulumi.StringArrayInput `pulumi:"resourceTypes"` }
func (RecorderRecordingGroupArgs) ElementType ¶
func (RecorderRecordingGroupArgs) ElementType() reflect.Type
func (RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutput ¶
func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutput() RecorderRecordingGroupOutput
func (RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutputWithContext ¶
func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupOutputWithContext(ctx context.Context) RecorderRecordingGroupOutput
func (RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutput ¶
func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
func (RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutputWithContext ¶
func (i RecorderRecordingGroupArgs) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
type RecorderRecordingGroupInput ¶
type RecorderRecordingGroupInput interface { pulumi.Input ToRecorderRecordingGroupOutput() RecorderRecordingGroupOutput ToRecorderRecordingGroupOutputWithContext(context.Context) RecorderRecordingGroupOutput }
RecorderRecordingGroupInput is an input type that accepts RecorderRecordingGroupArgs and RecorderRecordingGroupOutput values. You can construct a concrete instance of `RecorderRecordingGroupInput` via:
RecorderRecordingGroupArgs{...}
type RecorderRecordingGroupOutput ¶
type RecorderRecordingGroupOutput struct{ *pulumi.OutputState }
func (RecorderRecordingGroupOutput) AllSupported ¶
func (o RecorderRecordingGroupOutput) AllSupported() pulumi.BoolPtrOutput
Specifies whether AWS Config records configuration changes for every supported type of regional resource (which includes any new type that will become supported in the future). Conflicts with `resourceTypes`. Defaults to `true`.
func (RecorderRecordingGroupOutput) ElementType ¶
func (RecorderRecordingGroupOutput) ElementType() reflect.Type
func (RecorderRecordingGroupOutput) IncludeGlobalResourceTypes ¶
func (o RecorderRecordingGroupOutput) IncludeGlobalResourceTypes() pulumi.BoolPtrOutput
Specifies whether AWS Config includes all supported types of *global resources* with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`.
func (RecorderRecordingGroupOutput) ResourceTypes ¶
func (o RecorderRecordingGroupOutput) ResourceTypes() pulumi.StringArrayOutput
A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.
func (RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutput ¶
func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutput() RecorderRecordingGroupOutput
func (RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutputWithContext ¶
func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupOutputWithContext(ctx context.Context) RecorderRecordingGroupOutput
func (RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutput ¶
func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
func (RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutputWithContext ¶
func (o RecorderRecordingGroupOutput) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
type RecorderRecordingGroupPtrInput ¶
type RecorderRecordingGroupPtrInput interface { pulumi.Input ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput ToRecorderRecordingGroupPtrOutputWithContext(context.Context) RecorderRecordingGroupPtrOutput }
RecorderRecordingGroupPtrInput is an input type that accepts RecorderRecordingGroupArgs, RecorderRecordingGroupPtr and RecorderRecordingGroupPtrOutput values. You can construct a concrete instance of `RecorderRecordingGroupPtrInput` via:
RecorderRecordingGroupArgs{...} or: nil
func RecorderRecordingGroupPtr ¶
func RecorderRecordingGroupPtr(v *RecorderRecordingGroupArgs) RecorderRecordingGroupPtrInput
type RecorderRecordingGroupPtrOutput ¶
type RecorderRecordingGroupPtrOutput struct{ *pulumi.OutputState }
func (RecorderRecordingGroupPtrOutput) AllSupported ¶
func (o RecorderRecordingGroupPtrOutput) AllSupported() pulumi.BoolPtrOutput
Specifies whether AWS Config records configuration changes for every supported type of regional resource (which includes any new type that will become supported in the future). Conflicts with `resourceTypes`. Defaults to `true`.
func (RecorderRecordingGroupPtrOutput) Elem ¶
func (o RecorderRecordingGroupPtrOutput) Elem() RecorderRecordingGroupOutput
func (RecorderRecordingGroupPtrOutput) ElementType ¶
func (RecorderRecordingGroupPtrOutput) ElementType() reflect.Type
func (RecorderRecordingGroupPtrOutput) IncludeGlobalResourceTypes ¶
func (o RecorderRecordingGroupPtrOutput) IncludeGlobalResourceTypes() pulumi.BoolPtrOutput
Specifies whether AWS Config includes all supported types of *global resources* with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`.
func (RecorderRecordingGroupPtrOutput) ResourceTypes ¶
func (o RecorderRecordingGroupPtrOutput) ResourceTypes() pulumi.StringArrayOutput
A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.
func (RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutput ¶
func (o RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutput() RecorderRecordingGroupPtrOutput
func (RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutputWithContext ¶
func (o RecorderRecordingGroupPtrOutput) ToRecorderRecordingGroupPtrOutputWithContext(ctx context.Context) RecorderRecordingGroupPtrOutput
type RecorderState ¶
type RecorderState struct { // The name of the recorder. Defaults to `default`. Changing it recreates the resource. Name pulumi.StringPtrInput // Recording group - see below. RecordingGroup RecorderRecordingGroupPtrInput // Amazon Resource Name (ARN) of the IAM role. // used to make read or write requests to the delivery channel and to describe the AWS resources associated with the account. // See [AWS Docs](http://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) for more details. RoleArn pulumi.StringPtrInput }
func (RecorderState) ElementType ¶
func (RecorderState) ElementType() reflect.Type
type RecorderStatus ¶
type RecorderStatus struct { pulumi.CustomResourceState // Whether the configuration recorder should be enabled or disabled. IsEnabled pulumi.BoolOutput `pulumi:"isEnabled"` // The name of the recorder Name pulumi.StringOutput `pulumi:"name"` }
Manages status (recording / stopped) of an AWS Config Configuration Recorder.
> **Note:** Starting Configuration Recorder requires a `Delivery Channel` to be present. Use of `dependsOn` (as shown below) is recommended to avoid race conditions.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/iam" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/s3" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { bucket, err := s3.NewBucket(ctx, "bucket", nil) if err != nil { return err } fooDeliveryChannel, err := cfg.NewDeliveryChannel(ctx, "fooDeliveryChannel", &cfg.DeliveryChannelArgs{ S3BucketName: bucket.Bucket, }) if err != nil { return err } _, err = cfg.NewRecorderStatus(ctx, "fooRecorderStatus", &cfg.RecorderStatusArgs{ IsEnabled: pulumi.Bool(true), }, pulumi.DependsOn([]pulumi.Resource{ fooDeliveryChannel, })) if err != nil { return err } role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"config.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } _, err = iam.NewRolePolicyAttachment(ctx, "rolePolicyAttachment", &iam.RolePolicyAttachmentArgs{ Role: role.Name, PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSConfigRole"), }) if err != nil { return err } _, err = cfg.NewRecorder(ctx, "fooRecorder", &cfg.RecorderArgs{ RoleArn: role.Arn, }) if err != nil { return err } _, err = iam.NewRolePolicy(ctx, "rolePolicy", &iam.RolePolicyArgs{ Role: role.ID(), Policy: pulumi.All(bucket.Arn, bucket.Arn).ApplyT(func(_args []interface{}) (string, error) { bucketArn := _args[0].(string) bucketArn1 := _args[1].(string) return fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"s3:*\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": [\n", " \"", bucketArn, "\",\n", " \"", bucketArn1, "/*\"\n", " ]\n", " }\n", " ]\n", "}\n"), nil }).(pulumi.StringOutput), }) if err != nil { return err } return nil }) }
```
func GetRecorderStatus ¶
func GetRecorderStatus(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RecorderStatusState, opts ...pulumi.ResourceOption) (*RecorderStatus, error)
GetRecorderStatus gets an existing RecorderStatus resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRecorderStatus ¶
func NewRecorderStatus(ctx *pulumi.Context, name string, args *RecorderStatusArgs, opts ...pulumi.ResourceOption) (*RecorderStatus, error)
NewRecorderStatus registers a new resource with the given unique name, arguments, and options.
type RecorderStatusArgs ¶
type RecorderStatusArgs struct { // Whether the configuration recorder should be enabled or disabled. IsEnabled pulumi.BoolInput // The name of the recorder Name pulumi.StringPtrInput }
The set of arguments for constructing a RecorderStatus resource.
func (RecorderStatusArgs) ElementType ¶
func (RecorderStatusArgs) ElementType() reflect.Type
type RecorderStatusState ¶
type RecorderStatusState struct { // Whether the configuration recorder should be enabled or disabled. IsEnabled pulumi.BoolPtrInput // The name of the recorder Name pulumi.StringPtrInput }
func (RecorderStatusState) ElementType ¶
func (RecorderStatusState) ElementType() reflect.Type
type Rule ¶
type Rule struct { pulumi.CustomResourceState // The ARN of the config rule Arn pulumi.StringOutput `pulumi:"arn"` // Description of the rule Description pulumi.StringPtrOutput `pulumi:"description"` // A string in JSON format that is passed to the AWS Config rule Lambda function. InputParameters pulumi.StringPtrOutput `pulumi:"inputParameters"` // The frequency that you want AWS Config to run evaluations for a rule that // is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. MaximumExecutionFrequency pulumi.StringPtrOutput `pulumi:"maximumExecutionFrequency"` // The name of the rule Name pulumi.StringOutput `pulumi:"name"` // The ID of the config rule RuleId pulumi.StringOutput `pulumi:"ruleId"` // Scope defines which resources can trigger an evaluation for the rule as documented below. Scope RuleScopePtrOutput `pulumi:"scope"` // Source specifies the rule owner, the rule identifier, and the notifications that cause // the function to evaluate your AWS resources as documented below. Source RuleSourceOutput `pulumi:"source"` // A map of tags to assign to the resource. Tags pulumi.StringMapOutput `pulumi:"tags"` }
Provides an AWS Config Rule.
> **Note:** Config Rule requires an existing `Configuration Recorder` to be present. Use of `dependsOn` is recommended (as shown below) to avoid race conditions.
## Example Usage ### AWS Managed Rules
AWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/iam" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"config.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } foo, err := cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ RoleArn: role.Arn, }) if err != nil { return err } _, err = cfg.NewRule(ctx, "rule", &cfg.RuleArgs{ Source: &cfg.RuleSourceArgs{ Owner: pulumi.String("AWS"), SourceIdentifier: pulumi.String("S3_BUCKET_VERSIONING_ENABLED"), }, }, pulumi.DependsOn([]pulumi.Resource{ foo, })) if err != nil { return err } _, err = iam.NewRolePolicy(ctx, "rolePolicy", &iam.RolePolicyArgs{ Role: role.ID(), Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"config:Put*\",\n", " \"Effect\": \"Allow\",\n", " \"Resource\": \"*\"\n", "\n", " }\n", " ]\n", "}\n")), }) if err != nil { return err } return nil }) }
``` ### Custom Rules
Custom rules can be used by setting the source owner to `CUSTOM_LAMBDA` and the source identifier to the Amazon Resource Name (ARN) of the Lambda Function. The AWS Config service must have permissions to invoke the Lambda Function, e.g. via the `lambda.Permission` resource. More information about custom rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html).
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/cfg" "github.com/pulumi/pulumi-aws/sdk/v3/go/aws/lambda" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleRecorder, err := cfg.NewRecorder(ctx, "exampleRecorder", nil) if err != nil { return err } exampleFunction, err := lambda.NewFunction(ctx, "exampleFunction", nil) if err != nil { return err } examplePermission, err := lambda.NewPermission(ctx, "examplePermission", &lambda.PermissionArgs{ Action: pulumi.String("lambda:InvokeFunction"), Function: exampleFunction.Arn, Principal: pulumi.String("config.amazonaws.com"), }) if err != nil { return err } _, err = cfg.NewRule(ctx, "exampleRule", &cfg.RuleArgs{ Source: &cfg.RuleSourceArgs{ Owner: pulumi.String("CUSTOM_LAMBDA"), SourceIdentifier: exampleFunction.Arn, }, }, pulumi.DependsOn([]pulumi.Resource{ exampleRecorder, examplePermission, })) if err != nil { return err } return nil }) }
```
func GetRule ¶
func GetRule(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RuleState, opts ...pulumi.ResourceOption) (*Rule, error)
GetRule gets an existing Rule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
type RuleArgs ¶
type RuleArgs struct { // Description of the rule Description pulumi.StringPtrInput // A string in JSON format that is passed to the AWS Config rule Lambda function. InputParameters pulumi.StringPtrInput // The frequency that you want AWS Config to run evaluations for a rule that // is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // Scope defines which resources can trigger an evaluation for the rule as documented below. Scope RuleScopePtrInput // Source specifies the rule owner, the rule identifier, and the notifications that cause // the function to evaluate your AWS resources as documented below. Source RuleSourceInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }
The set of arguments for constructing a Rule resource.
func (RuleArgs) ElementType ¶
type RuleScope ¶
type RuleScope struct { // The IDs of the only AWS resource that you want to trigger an evaluation for the rule. // If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`. ComplianceResourceId *string `pulumi:"complianceResourceId"` // A list of resource types of only those AWS resources that you want to trigger an // evaluation for the rule. e.g. `AWS::EC2::Instance`. You can only specify one type if you also specify // a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. ComplianceResourceTypes []string `pulumi:"complianceResourceTypes"` // The tag key that is applied to only those AWS resources that you want you // want to trigger an evaluation for the rule. TagKey *string `pulumi:"tagKey"` // The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. TagValue *string `pulumi:"tagValue"` }
type RuleScopeArgs ¶
type RuleScopeArgs struct { // The IDs of the only AWS resource that you want to trigger an evaluation for the rule. // If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`. ComplianceResourceId pulumi.StringPtrInput `pulumi:"complianceResourceId"` // A list of resource types of only those AWS resources that you want to trigger an // evaluation for the rule. e.g. `AWS::EC2::Instance`. You can only specify one type if you also specify // a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. ComplianceResourceTypes pulumi.StringArrayInput `pulumi:"complianceResourceTypes"` // The tag key that is applied to only those AWS resources that you want you // want to trigger an evaluation for the rule. TagKey pulumi.StringPtrInput `pulumi:"tagKey"` // The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. TagValue pulumi.StringPtrInput `pulumi:"tagValue"` }
func (RuleScopeArgs) ElementType ¶
func (RuleScopeArgs) ElementType() reflect.Type
func (RuleScopeArgs) ToRuleScopeOutput ¶
func (i RuleScopeArgs) ToRuleScopeOutput() RuleScopeOutput
func (RuleScopeArgs) ToRuleScopeOutputWithContext ¶
func (i RuleScopeArgs) ToRuleScopeOutputWithContext(ctx context.Context) RuleScopeOutput
func (RuleScopeArgs) ToRuleScopePtrOutput ¶
func (i RuleScopeArgs) ToRuleScopePtrOutput() RuleScopePtrOutput
func (RuleScopeArgs) ToRuleScopePtrOutputWithContext ¶
func (i RuleScopeArgs) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
type RuleScopeInput ¶
type RuleScopeInput interface { pulumi.Input ToRuleScopeOutput() RuleScopeOutput ToRuleScopeOutputWithContext(context.Context) RuleScopeOutput }
RuleScopeInput is an input type that accepts RuleScopeArgs and RuleScopeOutput values. You can construct a concrete instance of `RuleScopeInput` via:
RuleScopeArgs{...}
type RuleScopeOutput ¶
type RuleScopeOutput struct{ *pulumi.OutputState }
func (RuleScopeOutput) ComplianceResourceId ¶
func (o RuleScopeOutput) ComplianceResourceId() pulumi.StringPtrOutput
The IDs of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`.
func (RuleScopeOutput) ComplianceResourceTypes ¶
func (o RuleScopeOutput) ComplianceResourceTypes() pulumi.StringArrayOutput
A list of resource types of only those AWS resources that you want to trigger an evaluation for the rule. e.g. `AWS::EC2::Instance`. You can only specify one type if you also specify a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.
func (RuleScopeOutput) ElementType ¶
func (RuleScopeOutput) ElementType() reflect.Type
func (RuleScopeOutput) TagKey ¶
func (o RuleScopeOutput) TagKey() pulumi.StringPtrOutput
The tag key that is applied to only those AWS resources that you want you want to trigger an evaluation for the rule.
func (RuleScopeOutput) TagValue ¶
func (o RuleScopeOutput) TagValue() pulumi.StringPtrOutput
The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.
func (RuleScopeOutput) ToRuleScopeOutput ¶
func (o RuleScopeOutput) ToRuleScopeOutput() RuleScopeOutput
func (RuleScopeOutput) ToRuleScopeOutputWithContext ¶
func (o RuleScopeOutput) ToRuleScopeOutputWithContext(ctx context.Context) RuleScopeOutput
func (RuleScopeOutput) ToRuleScopePtrOutput ¶
func (o RuleScopeOutput) ToRuleScopePtrOutput() RuleScopePtrOutput
func (RuleScopeOutput) ToRuleScopePtrOutputWithContext ¶
func (o RuleScopeOutput) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
type RuleScopePtrInput ¶
type RuleScopePtrInput interface { pulumi.Input ToRuleScopePtrOutput() RuleScopePtrOutput ToRuleScopePtrOutputWithContext(context.Context) RuleScopePtrOutput }
RuleScopePtrInput is an input type that accepts RuleScopeArgs, RuleScopePtr and RuleScopePtrOutput values. You can construct a concrete instance of `RuleScopePtrInput` via:
RuleScopeArgs{...} or: nil
func RuleScopePtr ¶
func RuleScopePtr(v *RuleScopeArgs) RuleScopePtrInput
type RuleScopePtrOutput ¶
type RuleScopePtrOutput struct{ *pulumi.OutputState }
func (RuleScopePtrOutput) ComplianceResourceId ¶
func (o RuleScopePtrOutput) ComplianceResourceId() pulumi.StringPtrOutput
The IDs of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`.
func (RuleScopePtrOutput) ComplianceResourceTypes ¶
func (o RuleScopePtrOutput) ComplianceResourceTypes() pulumi.StringArrayOutput
A list of resource types of only those AWS resources that you want to trigger an evaluation for the rule. e.g. `AWS::EC2::Instance`. You can only specify one type if you also specify a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types.
func (RuleScopePtrOutput) Elem ¶
func (o RuleScopePtrOutput) Elem() RuleScopeOutput
func (RuleScopePtrOutput) ElementType ¶
func (RuleScopePtrOutput) ElementType() reflect.Type
func (RuleScopePtrOutput) TagKey ¶
func (o RuleScopePtrOutput) TagKey() pulumi.StringPtrOutput
The tag key that is applied to only those AWS resources that you want you want to trigger an evaluation for the rule.
func (RuleScopePtrOutput) TagValue ¶
func (o RuleScopePtrOutput) TagValue() pulumi.StringPtrOutput
The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule.
func (RuleScopePtrOutput) ToRuleScopePtrOutput ¶
func (o RuleScopePtrOutput) ToRuleScopePtrOutput() RuleScopePtrOutput
func (RuleScopePtrOutput) ToRuleScopePtrOutputWithContext ¶
func (o RuleScopePtrOutput) ToRuleScopePtrOutputWithContext(ctx context.Context) RuleScopePtrOutput
type RuleSource ¶
type RuleSource struct { // Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `lambda.Permission` resource. Owner string `pulumi:"owner"` // Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`. SourceDetails []RuleSourceSourceDetail `pulumi:"sourceDetails"` // For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `lambda.Function` resource. SourceIdentifier string `pulumi:"sourceIdentifier"` }
type RuleSourceArgs ¶
type RuleSourceArgs struct { // Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `lambda.Permission` resource. Owner pulumi.StringInput `pulumi:"owner"` // Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`. SourceDetails RuleSourceSourceDetailArrayInput `pulumi:"sourceDetails"` // For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `lambda.Function` resource. SourceIdentifier pulumi.StringInput `pulumi:"sourceIdentifier"` }
func (RuleSourceArgs) ElementType ¶
func (RuleSourceArgs) ElementType() reflect.Type
func (RuleSourceArgs) ToRuleSourceOutput ¶
func (i RuleSourceArgs) ToRuleSourceOutput() RuleSourceOutput
func (RuleSourceArgs) ToRuleSourceOutputWithContext ¶
func (i RuleSourceArgs) ToRuleSourceOutputWithContext(ctx context.Context) RuleSourceOutput
func (RuleSourceArgs) ToRuleSourcePtrOutput ¶
func (i RuleSourceArgs) ToRuleSourcePtrOutput() RuleSourcePtrOutput
func (RuleSourceArgs) ToRuleSourcePtrOutputWithContext ¶
func (i RuleSourceArgs) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
type RuleSourceInput ¶
type RuleSourceInput interface { pulumi.Input ToRuleSourceOutput() RuleSourceOutput ToRuleSourceOutputWithContext(context.Context) RuleSourceOutput }
RuleSourceInput is an input type that accepts RuleSourceArgs and RuleSourceOutput values. You can construct a concrete instance of `RuleSourceInput` via:
RuleSourceArgs{...}
type RuleSourceOutput ¶
type RuleSourceOutput struct{ *pulumi.OutputState }
func (RuleSourceOutput) ElementType ¶
func (RuleSourceOutput) ElementType() reflect.Type
func (RuleSourceOutput) Owner ¶
func (o RuleSourceOutput) Owner() pulumi.StringOutput
Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `lambda.Permission` resource.
func (RuleSourceOutput) SourceDetails ¶
func (o RuleSourceOutput) SourceDetails() RuleSourceSourceDetailArrayOutput
Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`.
func (RuleSourceOutput) SourceIdentifier ¶
func (o RuleSourceOutput) SourceIdentifier() pulumi.StringOutput
For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `lambda.Function` resource.
func (RuleSourceOutput) ToRuleSourceOutput ¶
func (o RuleSourceOutput) ToRuleSourceOutput() RuleSourceOutput
func (RuleSourceOutput) ToRuleSourceOutputWithContext ¶
func (o RuleSourceOutput) ToRuleSourceOutputWithContext(ctx context.Context) RuleSourceOutput
func (RuleSourceOutput) ToRuleSourcePtrOutput ¶
func (o RuleSourceOutput) ToRuleSourcePtrOutput() RuleSourcePtrOutput
func (RuleSourceOutput) ToRuleSourcePtrOutputWithContext ¶
func (o RuleSourceOutput) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
type RuleSourcePtrInput ¶
type RuleSourcePtrInput interface { pulumi.Input ToRuleSourcePtrOutput() RuleSourcePtrOutput ToRuleSourcePtrOutputWithContext(context.Context) RuleSourcePtrOutput }
RuleSourcePtrInput is an input type that accepts RuleSourceArgs, RuleSourcePtr and RuleSourcePtrOutput values. You can construct a concrete instance of `RuleSourcePtrInput` via:
RuleSourceArgs{...} or: nil
func RuleSourcePtr ¶
func RuleSourcePtr(v *RuleSourceArgs) RuleSourcePtrInput
type RuleSourcePtrOutput ¶
type RuleSourcePtrOutput struct{ *pulumi.OutputState }
func (RuleSourcePtrOutput) Elem ¶
func (o RuleSourcePtrOutput) Elem() RuleSourceOutput
func (RuleSourcePtrOutput) ElementType ¶
func (RuleSourcePtrOutput) ElementType() reflect.Type
func (RuleSourcePtrOutput) Owner ¶
func (o RuleSourcePtrOutput) Owner() pulumi.StringPtrOutput
Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `lambda.Permission` resource.
func (RuleSourcePtrOutput) SourceDetails ¶
func (o RuleSourcePtrOutput) SourceDetails() RuleSourceSourceDetailArrayOutput
Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`.
func (RuleSourcePtrOutput) SourceIdentifier ¶
func (o RuleSourcePtrOutput) SourceIdentifier() pulumi.StringPtrOutput
For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `lambda.Function` resource.
func (RuleSourcePtrOutput) ToRuleSourcePtrOutput ¶
func (o RuleSourcePtrOutput) ToRuleSourcePtrOutput() RuleSourcePtrOutput
func (RuleSourcePtrOutput) ToRuleSourcePtrOutputWithContext ¶
func (o RuleSourcePtrOutput) ToRuleSourcePtrOutputWithContext(ctx context.Context) RuleSourcePtrOutput
type RuleSourceSourceDetail ¶
type RuleSourceSourceDetail struct { // The source of the event, such as an AWS service, that triggers AWS Config // to evaluate your AWS resources. This defaults to `aws.config` and is the only valid value. EventSource *string `pulumi:"eventSource"` // The frequency that you want AWS Config to run evaluations for a rule that // is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. MaximumExecutionFrequency *string `pulumi:"maximumExecutionFrequency"` // The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types: MessageType *string `pulumi:"messageType"` }
type RuleSourceSourceDetailArgs ¶
type RuleSourceSourceDetailArgs struct { // The source of the event, such as an AWS service, that triggers AWS Config // to evaluate your AWS resources. This defaults to `aws.config` and is the only valid value. EventSource pulumi.StringPtrInput `pulumi:"eventSource"` // The frequency that you want AWS Config to run evaluations for a rule that // is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. MaximumExecutionFrequency pulumi.StringPtrInput `pulumi:"maximumExecutionFrequency"` // The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types: MessageType pulumi.StringPtrInput `pulumi:"messageType"` }
func (RuleSourceSourceDetailArgs) ElementType ¶
func (RuleSourceSourceDetailArgs) ElementType() reflect.Type
func (RuleSourceSourceDetailArgs) ToRuleSourceSourceDetailOutput ¶
func (i RuleSourceSourceDetailArgs) ToRuleSourceSourceDetailOutput() RuleSourceSourceDetailOutput
func (RuleSourceSourceDetailArgs) ToRuleSourceSourceDetailOutputWithContext ¶
func (i RuleSourceSourceDetailArgs) ToRuleSourceSourceDetailOutputWithContext(ctx context.Context) RuleSourceSourceDetailOutput
type RuleSourceSourceDetailArray ¶
type RuleSourceSourceDetailArray []RuleSourceSourceDetailInput
func (RuleSourceSourceDetailArray) ElementType ¶
func (RuleSourceSourceDetailArray) ElementType() reflect.Type
func (RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutput ¶
func (i RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutput() RuleSourceSourceDetailArrayOutput
func (RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutputWithContext ¶
func (i RuleSourceSourceDetailArray) ToRuleSourceSourceDetailArrayOutputWithContext(ctx context.Context) RuleSourceSourceDetailArrayOutput
type RuleSourceSourceDetailArrayInput ¶
type RuleSourceSourceDetailArrayInput interface { pulumi.Input ToRuleSourceSourceDetailArrayOutput() RuleSourceSourceDetailArrayOutput ToRuleSourceSourceDetailArrayOutputWithContext(context.Context) RuleSourceSourceDetailArrayOutput }
RuleSourceSourceDetailArrayInput is an input type that accepts RuleSourceSourceDetailArray and RuleSourceSourceDetailArrayOutput values. You can construct a concrete instance of `RuleSourceSourceDetailArrayInput` via:
RuleSourceSourceDetailArray{ RuleSourceSourceDetailArgs{...} }
type RuleSourceSourceDetailArrayOutput ¶
type RuleSourceSourceDetailArrayOutput struct{ *pulumi.OutputState }
func (RuleSourceSourceDetailArrayOutput) ElementType ¶
func (RuleSourceSourceDetailArrayOutput) ElementType() reflect.Type
func (RuleSourceSourceDetailArrayOutput) Index ¶
func (o RuleSourceSourceDetailArrayOutput) Index(i pulumi.IntInput) RuleSourceSourceDetailOutput
func (RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutput ¶
func (o RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutput() RuleSourceSourceDetailArrayOutput
func (RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutputWithContext ¶
func (o RuleSourceSourceDetailArrayOutput) ToRuleSourceSourceDetailArrayOutputWithContext(ctx context.Context) RuleSourceSourceDetailArrayOutput
type RuleSourceSourceDetailInput ¶
type RuleSourceSourceDetailInput interface { pulumi.Input ToRuleSourceSourceDetailOutput() RuleSourceSourceDetailOutput ToRuleSourceSourceDetailOutputWithContext(context.Context) RuleSourceSourceDetailOutput }
RuleSourceSourceDetailInput is an input type that accepts RuleSourceSourceDetailArgs and RuleSourceSourceDetailOutput values. You can construct a concrete instance of `RuleSourceSourceDetailInput` via:
RuleSourceSourceDetailArgs{...}
type RuleSourceSourceDetailOutput ¶
type RuleSourceSourceDetailOutput struct{ *pulumi.OutputState }
func (RuleSourceSourceDetailOutput) ElementType ¶
func (RuleSourceSourceDetailOutput) ElementType() reflect.Type
func (RuleSourceSourceDetailOutput) EventSource ¶
func (o RuleSourceSourceDetailOutput) EventSource() pulumi.StringPtrOutput
The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources. This defaults to `aws.config` and is the only valid value.
func (RuleSourceSourceDetailOutput) MaximumExecutionFrequency ¶
func (o RuleSourceSourceDetailOutput) MaximumExecutionFrequency() pulumi.StringPtrOutput
The frequency that you want AWS Config to run evaluations for a rule that is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`.
func (RuleSourceSourceDetailOutput) MessageType ¶
func (o RuleSourceSourceDetailOutput) MessageType() pulumi.StringPtrOutput
The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:
func (RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutput ¶
func (o RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutput() RuleSourceSourceDetailOutput
func (RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutputWithContext ¶
func (o RuleSourceSourceDetailOutput) ToRuleSourceSourceDetailOutputWithContext(ctx context.Context) RuleSourceSourceDetailOutput
type RuleState ¶
type RuleState struct { // The ARN of the config rule Arn pulumi.StringPtrInput // Description of the rule Description pulumi.StringPtrInput // A string in JSON format that is passed to the AWS Config rule Lambda function. InputParameters pulumi.StringPtrInput // The frequency that you want AWS Config to run evaluations for a rule that // is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. MaximumExecutionFrequency pulumi.StringPtrInput // The name of the rule Name pulumi.StringPtrInput // The ID of the config rule RuleId pulumi.StringPtrInput // Scope defines which resources can trigger an evaluation for the rule as documented below. Scope RuleScopePtrInput // Source specifies the rule owner, the rule identifier, and the notifications that cause // the function to evaluate your AWS resources as documented below. Source RuleSourcePtrInput // A map of tags to assign to the resource. Tags pulumi.StringMapInput }