@pulumi/aws/securityhub/configurationPolicyAssociation.js

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.ConfigurationPolicyAssociation = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Manages Security Hub configuration policy associations.
 *
 * > **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured with type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * const example = new aws.securityhub.FindingAggregator("example", {linkingMode: "ALL_REGIONS"});
 * const exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration("example", {
 *     autoEnable: false,
 *     autoEnableStandards: "NONE",
 *     organizationConfiguration: {
 *         configurationType: "CENTRAL",
 *     },
 * }, {
 *     dependsOn: [example],
 * });
 * const exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy("example", {
 *     name: "Example",
 *     description: "This is an example configuration policy",
 *     configurationPolicy: {
 *         serviceEnabled: true,
 *         enabledStandardArns: [
 *             "arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0",
 *             "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
 *         ],
 *         securityControlsConfiguration: {
 *             disabledControlIdentifiers: [],
 *         },
 *     },
 * }, {
 *     dependsOn: [exampleOrganizationConfiguration],
 * });
 * const accountExample = new aws.securityhub.ConfigurationPolicyAssociation("account_example", {
 *     targetId: "123456789012",
 *     policyId: exampleConfigurationPolicy.id,
 * });
 * const rootExample = new aws.securityhub.ConfigurationPolicyAssociation("root_example", {
 *     targetId: "r-abcd",
 *     policyId: exampleConfigurationPolicy.id,
 * });
 * const ouExample = new aws.securityhub.ConfigurationPolicyAssociation("ou_example", {
 *     targetId: "ou-abcd-12345678",
 *     policyId: exampleConfigurationPolicy.id,
 * });
 * ```
 *
 * ## Import
 *
 * Using `pulumi import`, import an existing Security Hub enabled account using the target id. For example:
 *
 * ```sh
 * $ pulumi import aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation example_account_association 123456789012
 * ```
 */
class ConfigurationPolicyAssociation extends pulumi.CustomResource {
    /**
     * Get an existing ConfigurationPolicyAssociation resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new ConfigurationPolicyAssociation(name, state, { ...opts, id: id });
    }
    /**
     * Returns true if the given object is an instance of ConfigurationPolicyAssociation.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === ConfigurationPolicyAssociation.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["policyId"] = state?.policyId;
            resourceInputs["region"] = state?.region;
            resourceInputs["targetId"] = state?.targetId;
        }
        else {
            const args = argsOrState;
            if (args?.policyId === undefined && !opts.urn) {
                throw new Error("Missing required property 'policyId'");
            }
            if (args?.targetId === undefined && !opts.urn) {
                throw new Error("Missing required property 'targetId'");
            }
            resourceInputs["policyId"] = args?.policyId;
            resourceInputs["region"] = args?.region;
            resourceInputs["targetId"] = args?.targetId;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(ConfigurationPolicyAssociation.__pulumiType, name, resourceInputs, opts);
    }
}
exports.ConfigurationPolicyAssociation = ConfigurationPolicyAssociation;
/** @internal */
ConfigurationPolicyAssociation.__pulumiType = 'aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation';
//# sourceMappingURL=configurationPolicyAssociation.js.map