UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi/pulumi-aws

594 lines • 21.2 kB

JavaScript

"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.EventTarget = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Provides an EventBridge Target resource. * * > **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical. * * > **Note:** In order to be able to have your AWS Lambda function or * SNS topic invoked by an EventBridge rule, you must set up the right permissions * using `aws.lambda.Permission` * or `aws.sns.TopicPolicy`. * More info [here](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-use-resource-based.html). * * ## Example Usage * * ### Kinesis Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const console = new aws.cloudwatch.EventRule("console", { * name: "capture-ec2-scaling-events", * description: "Capture all EC2 scaling events", * eventPattern: JSON.stringify({ * source: ["aws.autoscaling"], * "detail-type": [ * "EC2 Instance Launch Successful", * "EC2 Instance Terminate Successful", * "EC2 Instance Launch Unsuccessful", * "EC2 Instance Terminate Unsuccessful", * ], * }), * }); * const testStream = new aws.kinesis.Stream("test_stream", { * name: "kinesis-test", * shardCount: 1, * }); * const yada = new aws.cloudwatch.EventTarget("yada", { * targetId: "Yada", * rule: console.name, * arn: testStream.arn, * runCommandTargets: [ * { * key: "tag:Name", * values: ["FooBar"], * }, * { * key: "InstanceIds", * values: ["i-162058cd308bffec2"], * }, * ], * }); * ``` * * ### SSM Document Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const ssmLifecycleTrust = aws.iam.getPolicyDocument({ * statements: [{ * actions: ["sts:AssumeRole"], * principals: [{ * type: "Service", * identifiers: ["events.amazonaws.com"], * }], * }], * }); * const stopInstance = new aws.ssm.Document("stop_instance", { * name: "stop_instance", * documentType: "Command", * content: JSON.stringify({ * schemaVersion: "1.2", * description: "Stop an instance", * parameters: {}, * runtimeConfig: { * "aws:runShellScript": { * properties: [{ * id: "0.aws:runShellScript", * runCommand: ["halt"], * }], * }, * }, * }), * }); * const ssmLifecycle = aws.iam.getPolicyDocumentOutput({ * statements: [ * { * effect: "Allow", * actions: ["ssm:SendCommand"], * resources: ["arn:aws:ec2:eu-west-1:1234567890:instance/*"], * conditions: [{ * test: "StringEquals", * variable: "ec2:ResourceTag/Terminate", * values: ["*"], * }], * }, * { * effect: "Allow", * actions: ["ssm:SendCommand"], * resources: [stopInstance.arn], * }, * ], * }); * const ssmLifecycleRole = new aws.iam.Role("ssm_lifecycle", { * name: "SSMLifecycle", * assumeRolePolicy: ssmLifecycleTrust.then(ssmLifecycleTrust => ssmLifecycleTrust.json), * }); * const ssmLifecyclePolicy = new aws.iam.Policy("ssm_lifecycle", { * name: "SSMLifecycle", * policy: ssmLifecycle.apply(ssmLifecycle => ssmLifecycle.json), * }); * const ssmLifecycleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("ssm_lifecycle", { * policyArn: ssmLifecyclePolicy.arn, * role: ssmLifecycleRole.name, * }); * const stopInstances = new aws.cloudwatch.EventRule("stop_instances", { * name: "StopInstance", * description: "Stop instances nightly", * scheduleExpression: "cron(0 0 * * ? *)", * }); * const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stop_instances", { * targetId: "StopInstance", * arn: stopInstance.arn, * rule: stopInstances.name, * roleArn: ssmLifecycleRole.arn, * runCommandTargets: [{ * key: "tag:Terminate", * values: ["midnight"], * }], * }); * ``` * * ### RunCommand Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const stopInstances = new aws.cloudwatch.EventRule("stop_instances", { * name: "StopInstance", * description: "Stop instances nightly", * scheduleExpression: "cron(0 0 * * ? *)", * }); * const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stop_instances", { * targetId: "StopInstance", * arn: `arn:aws:ssm:${awsRegion}::document/AWS-RunShellScript`, * input: "{\"commands\":[\"halt\"]}", * rule: stopInstances.name, * roleArn: ssmLifecycle.arn, * runCommandTargets: [{ * key: "tag:Terminate", * values: ["midnight"], * }], * }); * ``` * * ### ECS Run Task with Role and Task Override Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * import * as std from "@pulumi/std"; * * const assumeRole = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", * principals: [{ * type: "Service", * identifiers: ["events.amazonaws.com"], * }], * actions: ["sts:AssumeRole"], * }], * }); * const ecsEvents = new aws.iam.Role("ecs_events", { * name: "ecs_events", * assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json), * }); * const ecsEventsRunTaskWithAnyRole = std.replace({ * text: taskName.arn, * search: "/:\\d+$/", * replace: ":*", * }).then(invoke => aws.iam.getPolicyDocument({ * statements: [ * { * effect: "Allow", * actions: ["iam:PassRole"], * resources: ["*"], * }, * { * effect: "Allow", * actions: ["ecs:RunTask"], * resources: [invoke.result], * }, * ], * })); * const ecsEventsRunTaskWithAnyRoleRolePolicy = new aws.iam.RolePolicy("ecs_events_run_task_with_any_role", { * name: "ecs_events_run_task_with_any_role", * role: ecsEvents.id, * policy: ecsEventsRunTaskWithAnyRole.then(ecsEventsRunTaskWithAnyRole => ecsEventsRunTaskWithAnyRole.json), * }); * const ecsScheduledTask = new aws.cloudwatch.EventTarget("ecs_scheduled_task", { * targetId: "run-scheduled-task-every-hour", * arn: clusterName.arn, * rule: everyHour.name, * roleArn: ecsEvents.arn, * ecsTarget: { * taskCount: 1, * taskDefinitionArn: taskName.arn, * }, * input: JSON.stringify({ * containerOverrides: [{ * name: "name-of-container-to-override", * command: [ * "bin/console", * "scheduled-task", * ], * }], * }), * }); * ``` * * ### API Gateway target * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const exampleEventRule = new aws.cloudwatch.EventRule("example", {}); * const exampleDeployment = new aws.apigateway.Deployment("example", {restApi: exampleAwsApiGatewayRestApi.id}); * const exampleStage = new aws.apigateway.Stage("example", { * restApi: exampleAwsApiGatewayRestApi.id, * deployment: exampleDeployment.id, * }); * const example = new aws.cloudwatch.EventTarget("example", { * arn: pulumi.interpolate`${exampleStage.executionArn}/GET`, * rule: exampleEventRule.id, * httpTarget: { * queryStringParameters: { * Body: "$.detail.body", * }, * headerParameters: { * Env: "Test", * }, * }, * }); * ``` * * ### Cross-Account Event Bus target * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const assumeRole = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", * principals: [{ * type: "Service", * identifiers: ["events.amazonaws.com"], * }], * actions: ["sts:AssumeRole"], * }], * }); * const eventBusInvokeRemoteEventBusRole = new aws.iam.Role("event_bus_invoke_remote_event_bus", { * name: "event-bus-invoke-remote-event-bus", * assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json), * }); * const eventBusInvokeRemoteEventBus = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", * actions: ["events:PutEvents"], * resources: ["arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus"], * }], * }); * const eventBusInvokeRemoteEventBusPolicy = new aws.iam.Policy("event_bus_invoke_remote_event_bus", { * name: "event_bus_invoke_remote_event_bus", * policy: eventBusInvokeRemoteEventBus.then(eventBusInvokeRemoteEventBus => eventBusInvokeRemoteEventBus.json), * }); * const eventBusInvokeRemoteEventBusRolePolicyAttachment = new aws.iam.RolePolicyAttachment("event_bus_invoke_remote_event_bus", { * role: eventBusInvokeRemoteEventBusRole.name, * policyArn: eventBusInvokeRemoteEventBusPolicy.arn, * }); * const stopInstances = new aws.cloudwatch.EventRule("stop_instances", { * name: "StopInstance", * description: "Stop instances nightly", * scheduleExpression: "cron(0 0 * * ? *)", * }); * const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stop_instances", { * targetId: "StopInstance", * arn: "arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus", * rule: stopInstances.name, * roleArn: eventBusInvokeRemoteEventBusRole.arn, * }); * ``` * * ### Input Transformer Usage - JSON Object * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const exampleEventRule = new aws.cloudwatch.EventRule("example", {}); * const example = new aws.cloudwatch.EventTarget("example", { * arn: exampleAwsLambdaFunction.arn, * rule: exampleEventRule.id, * inputTransformer: { * inputPaths: { * instance: "$.detail.instance", * status: "$.detail.status", * }, * inputTemplate: `{ * "instance_id": <instance>, * "instance_status": <status> * } * `, * }, * }); * ``` * * ### Input Transformer Usage - Simple String * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const exampleEventRule = new aws.cloudwatch.EventRule("example", {}); * const example = new aws.cloudwatch.EventTarget("example", { * arn: exampleAwsLambdaFunction.arn, * rule: exampleEventRule.id, * inputTransformer: { * inputPaths: { * instance: "$.detail.instance", * status: "$.detail.status", * }, * inputTemplate: "\"<instance> is in state <status>\"", * }, * }); * ``` * * ### Cloudwatch Log Group Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.cloudwatch.LogGroup("example", { * name: "/aws/events/guardduty/logs", * retentionInDays: 1, * }); * const exampleEventRule = new aws.cloudwatch.EventRule("example", { * name: "guard-duty_event_rule", * description: "GuardDuty Findings", * eventPattern: JSON.stringify({ * source: ["aws.guardduty"], * }), * tags: { * Environment: "example", * }, * }); * const exampleLogPolicy = aws.iam.getPolicyDocumentOutput({ * statements: [ * { * effect: "Allow", * actions: ["logs:CreateLogStream"], * resources: [pulumi.interpolate`${example.arn}:*`], * principals: [{ * type: "Service", * identifiers: [ * "events.amazonaws.com", * "delivery.logs.amazonaws.com", * ], * }], * }, * { * effect: "Allow", * actions: ["logs:PutLogEvents"], * resources: [pulumi.interpolate`${example.arn}:*:*`], * principals: [{ * type: "Service", * identifiers: [ * "events.amazonaws.com", * "delivery.logs.amazonaws.com", * ], * }], * conditions: [{ * test: "ArnEquals", * values: [exampleEventRule.arn], * variable: "aws:SourceArn", * }], * }, * ], * }); * const exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy("example", { * policyDocument: exampleLogPolicy.apply(exampleLogPolicy => exampleLogPolicy.json), * policyName: "guardduty-log-publishing-policy", * }); * const exampleEventTarget = new aws.cloudwatch.EventTarget("example", { * rule: exampleEventRule.name, * arn: example.arn, * }); * ``` * * ### AppSync Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * import * as std from "@pulumi/std"; * * const invokeAppsyncMutation = new aws.cloudwatch.EventRule("invoke_appsync_mutation", { * name: "invoke-appsync-mutation", * description: "schedule_batch_test", * scheduleExpression: "rate(5 minutes)", * }); * const appsyncMutationRoleTrust = aws.iam.getPolicyDocument({ * statements: [{ * actions: ["sts:AssumeRole"], * principals: [{ * type: "Service", * identifiers: ["events.amazonaws.com"], * }], * }], * }); * const appsyncMutationRole = new aws.iam.Role("appsync_mutation_role", { * name: "appsync-mutation-role", * assumeRolePolicy: appsyncMutationRoleTrust.then(appsyncMutationRoleTrust => appsyncMutationRoleTrust.json), * }); * const graphql_api = new aws.appsync.GraphQLApi("graphql-api", { * name: "api", * authenticationType: "AWS_IAM", * schema: ` schema { * mutation: Mutation * query: Query * } * * type Query { * testQuery: String * } * * type Mutation { * testMutation(input: MutationInput!): TestMutationResult * } * * type TestMutationResult { * test: String * } * * input MutationInput { * testInput: String * } * `, * }); * const invokeAppsyncMutationEventTarget = new aws.cloudwatch.EventTarget("invoke_appsync_mutation", { * arn: std.replaceOutput({ * text: graphql_api.arn, * search: "apis", * replace: "endpoints/graphql-api", * }).apply(invoke => invoke.result), * rule: invokeAppsyncMutation.id, * roleArn: appsyncMutationRole.arn, * inputTransformer: { * inputPaths: { * input: "$.detail.input", * }, * inputTemplate: ` { * "input": <input> * } * `, * }, * appsyncTarget: { * graphqlOperation: "mutation TestMutation($input:MutationInput!){testMutation(input: $input) {test}}", * }, * }); * const appsyncMutationRolePolicyDocument = aws.iam.getPolicyDocumentOutput({ * statements: [{ * actions: ["appsync:GraphQL"], * effect: "Allow", * resources: [graphql_api.arn], * }], * }); * const appsyncMutationRolePolicy = new aws.iam.Policy("appsync_mutation_role_policy", { * name: "appsync-mutation-role-policy", * policy: appsyncMutationRolePolicyDocument.apply(appsyncMutationRolePolicyDocument => appsyncMutationRolePolicyDocument.json), * }); * const appsyncMutationRoleAttachment = new aws.iam.RolePolicyAttachment("appsync_mutation_role_attachment", { * policyArn: appsyncMutationRolePolicy.arn, * role: appsyncMutationRole.name, * }); * ``` * * ## Import * * Using `pulumi import`, import EventBridge Targets using `event_bus_name/rule-name/target-id` (if you omit `event_bus_name`, the `default` event bus will be used). For example: * * ```sh * $ pulumi import aws:cloudwatch/eventTarget:EventTarget test-event-target rule-name/target-id * ``` */ class EventTarget extends pulumi.CustomResource { /** * Get an existing EventTarget resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new EventTarget(name, state, { ...opts, id: id }); } /** * Returns true if the given object is an instance of EventTarget. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === EventTarget.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["appsyncTarget"] = state?.appsyncTarget; resourceInputs["arn"] = state?.arn; resourceInputs["batchTarget"] = state?.batchTarget; resourceInputs["deadLetterConfig"] = state?.deadLetterConfig; resourceInputs["ecsTarget"] = state?.ecsTarget; resourceInputs["eventBusName"] = state?.eventBusName; resourceInputs["forceDestroy"] = state?.forceDestroy; resourceInputs["httpTarget"] = state?.httpTarget; resourceInputs["input"] = state?.input; resourceInputs["inputPath"] = state?.inputPath; resourceInputs["inputTransformer"] = state?.inputTransformer; resourceInputs["kinesisTarget"] = state?.kinesisTarget; resourceInputs["redshiftTarget"] = state?.redshiftTarget; resourceInputs["region"] = state?.region; resourceInputs["retryPolicy"] = state?.retryPolicy; resourceInputs["roleArn"] = state?.roleArn; resourceInputs["rule"] = state?.rule; resourceInputs["runCommandTargets"] = state?.runCommandTargets; resourceInputs["sagemakerPipelineTarget"] = state?.sagemakerPipelineTarget; resourceInputs["sqsTarget"] = state?.sqsTarget; resourceInputs["targetId"] = state?.targetId; } else { const args = argsOrState; if (args?.arn === undefined && !opts.urn) { throw new Error("Missing required property 'arn'"); } if (args?.rule === undefined && !opts.urn) { throw new Error("Missing required property 'rule'"); } resourceInputs["appsyncTarget"] = args?.appsyncTarget; resourceInputs["arn"] = args?.arn; resourceInputs["batchTarget"] = args?.batchTarget; resourceInputs["deadLetterConfig"] = args?.deadLetterConfig; resourceInputs["ecsTarget"] = args?.ecsTarget; resourceInputs["eventBusName"] = args?.eventBusName; resourceInputs["forceDestroy"] = args?.forceDestroy; resourceInputs["httpTarget"] = args?.httpTarget; resourceInputs["input"] = args?.input; resourceInputs["inputPath"] = args?.inputPath; resourceInputs["inputTransformer"] = args?.inputTransformer; resourceInputs["kinesisTarget"] = args?.kinesisTarget; resourceInputs["redshiftTarget"] = args?.redshiftTarget; resourceInputs["region"] = args?.region; resourceInputs["retryPolicy"] = args?.retryPolicy; resourceInputs["roleArn"] = args?.roleArn; resourceInputs["rule"] = args?.rule; resourceInputs["runCommandTargets"] = args?.runCommandTargets; resourceInputs["sagemakerPipelineTarget"] = args?.sagemakerPipelineTarget; resourceInputs["sqsTarget"] = args?.sqsTarget; resourceInputs["targetId"] = args?.targetId; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(EventTarget.__pulumiType, name, resourceInputs, opts); } } exports.EventTarget = EventTarget; /** @internal */ EventTarget.__pulumiType = 'aws:cloudwatch/eventTarget:EventTarget'; //# sourceMappingURL=eventTarget.js.map