UNPKG

@pulumi/aws-native

Version:

The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)

pulumi.com

pulumi/pulumi-aws-native

121 lines (120 loc) 5.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
import * as pulumi from "@pulumi/pulumi"; import * as enums from "../types/enums"; /** * The AWS::Logs::AccountPolicy resource specifies a CloudWatch Logs AccountPolicy. * * ## Example Usage * ### Example * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws_native from "@pulumi/aws-native"; * * const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", { * policyName: "TestPolicy", * policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }", * policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy, * scope: aws_native.logs.AccountPolicyScope.All, * }); * * ``` * ### Example * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws_native from "@pulumi/aws-native"; * * const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", { * policyName: "TestPolicy", * policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }", * policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy, * scope: aws_native.logs.AccountPolicyScope.All, * }); * * ``` */ export declare class AccountPolicy extends pulumi.CustomResource { /** * Get an existing AccountPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): AccountPolicy; /** * Returns true if the given object is an instance of AccountPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AccountPolicy; /** * User account id */ readonly accountId: pulumi.Output<string>; /** * The body of the policy document you want to use for this topic. * * You can only add one policy per PolicyType. * * The policy must be in JSON string format. * * Length Constraints: Maximum length of 30720 */ readonly policyDocument: pulumi.Output<string>; /** * The name of the account policy */ readonly policyName: pulumi.Output<string>; /** * Type of the policy. */ readonly policyType: pulumi.Output<enums.logs.AccountPolicyPolicyType>; /** * Scope for policy application */ readonly scope: pulumi.Output<enums.logs.AccountPolicyScope | undefined>; /** * Log group selection criteria to apply policy only to a subset of log groups. SelectionCriteria string can be up to 25KB and cloudwatchlogs determines the length of selectionCriteria by using its UTF-8 bytes */ readonly selectionCriteria: pulumi.Output<string | undefined>; /** * Create a AccountPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AccountPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a AccountPolicy resource. */ export interface AccountPolicyArgs { /** * The body of the policy document you want to use for this topic. * * You can only add one policy per PolicyType. * * The policy must be in JSON string format. * * Length Constraints: Maximum length of 30720 */ policyDocument: pulumi.Input<string>; /** * The name of the account policy */ policyName?: pulumi.Input<string>; /** * Type of the policy. */ policyType: pulumi.Input<enums.logs.AccountPolicyPolicyType>; /** * Scope for policy application */ scope?: pulumi.Input<enums.logs.AccountPolicyScope>; /** * Log group selection criteria to apply policy only to a subset of log groups. SelectionCriteria string can be up to 25KB and cloudwatchlogs determines the length of selectionCriteria by using its UTF-8 bytes */ selectionCriteria?: pulumi.Input<string>; }