UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi/pulumi-aws

122 lines • 5.19 kB

JavaScript

"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.getServiceAccountOutput = exports.getServiceAccount = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) * in a given region for the purpose of permitting in S3 bucket policy. * * > **Note:** For AWS Regions opened since Jakarta (`ap-southeast-3`) in December 2021, AWS [documents that](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) a [service principal name](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services) should be used instead of an AWS account ID in any relevant IAM policy. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const main = aws.elb.getServiceAccount({}); * const elbLogs = new aws.s3.Bucket("elb_logs", {bucket: "my-elb-tf-test-bucket"}); * const elbLogsAcl = new aws.s3.BucketAcl("elb_logs_acl", { * bucket: elbLogs.id, * acl: "private", * }); * const allowElbLogging = pulumi.all([main, elbLogs.arn]).apply(([main, arn]) => aws.iam.getPolicyDocumentOutput({ * statements: [{ * effect: "Allow", * principals: [{ * type: "AWS", * identifiers: [main.arn], * }], * actions: ["s3:PutObject"], * resources: [`${arn}/AWSLogs/*`], * }], * })); * const allowElbLoggingBucketPolicy = new aws.s3.BucketPolicy("allow_elb_logging", { * bucket: elbLogs.id, * policy: allowElbLogging.apply(allowElbLogging => allowElbLogging.json), * }); * const bar = new aws.elb.LoadBalancer("bar", { * name: "my-foobar-elb", * availabilityZones: ["us-west-2a"], * accessLogs: { * bucket: elbLogs.id, * interval: 5, * }, * listeners: [{ * instancePort: 8000, * instanceProtocol: "http", * lbPort: 80, * lbProtocol: "http", * }], * }); * ``` */ function getServiceAccount(args, opts) { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("aws:elb/getServiceAccount:getServiceAccount", { "region": args.region, }, opts); } exports.getServiceAccount = getServiceAccount; /** * Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) * in a given region for the purpose of permitting in S3 bucket policy. * * > **Note:** For AWS Regions opened since Jakarta (`ap-southeast-3`) in December 2021, AWS [documents that](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) a [service principal name](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services) should be used instead of an AWS account ID in any relevant IAM policy. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const main = aws.elb.getServiceAccount({}); * const elbLogs = new aws.s3.Bucket("elb_logs", {bucket: "my-elb-tf-test-bucket"}); * const elbLogsAcl = new aws.s3.BucketAcl("elb_logs_acl", { * bucket: elbLogs.id, * acl: "private", * }); * const allowElbLogging = pulumi.all([main, elbLogs.arn]).apply(([main, arn]) => aws.iam.getPolicyDocumentOutput({ * statements: [{ * effect: "Allow", * principals: [{ * type: "AWS", * identifiers: [main.arn], * }], * actions: ["s3:PutObject"], * resources: [`${arn}/AWSLogs/*`], * }], * })); * const allowElbLoggingBucketPolicy = new aws.s3.BucketPolicy("allow_elb_logging", { * bucket: elbLogs.id, * policy: allowElbLogging.apply(allowElbLogging => allowElbLogging.json), * }); * const bar = new aws.elb.LoadBalancer("bar", { * name: "my-foobar-elb", * availabilityZones: ["us-west-2a"], * accessLogs: { * bucket: elbLogs.id, * interval: 5, * }, * listeners: [{ * instancePort: 8000, * instanceProtocol: "http", * lbPort: 80, * lbProtocol: "http", * }], * }); * ``` */ function getServiceAccountOutput(args, opts) { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("aws:elb/getServiceAccount:getServiceAccount", { "region": args.region, }, opts); } exports.getServiceAccountOutput = getServiceAccountOutput; //# sourceMappingURL=getServiceAccount.js.map