Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
aws-native.accessanalyzer.Analyzer
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
The AWS::AccessAnalyzer::Analyzer type specifies an analyzer of the user’s account
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var analyzer = new AwsNative.AccessAnalyzer.Analyzer("analyzer", new()
{
AnalyzerName = "DevAccountAnalyzer",
ArchiveRules = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerArchiveRuleArgs
{
Filter = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerFilterArgs
{
Eq = new[]
{
"123456789012",
},
Property = "principal.AWS",
},
},
RuleName = "ArchiveTrustedAccountAccess",
},
new AwsNative.AccessAnalyzer.Inputs.AnalyzerArchiveRuleArgs
{
Filter = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerFilterArgs
{
Contains = new[]
{
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
},
Property = "resource",
},
},
RuleName = "ArchivePublicS3BucketsAccess",
},
},
Tags = new[]
{
new AwsNative.Inputs.TagArgs
{
Key = "Kind",
Value = "Dev",
},
},
Type = "ACCOUNT",
});
});
package main
import (
awsnative "github.com/pulumi/pulumi-aws-native/sdk/go/aws"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/accessanalyzer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := accessanalyzer.NewAnalyzer(ctx, "analyzer", &accessanalyzer.AnalyzerArgs{
AnalyzerName: pulumi.String("DevAccountAnalyzer"),
ArchiveRules: accessanalyzer.AnalyzerArchiveRuleArray{
&accessanalyzer.AnalyzerArchiveRuleArgs{
Filter: accessanalyzer.AnalyzerFilterArray{
&accessanalyzer.AnalyzerFilterArgs{
Eq: pulumi.StringArray{
pulumi.String("123456789012"),
},
Property: pulumi.String("principal.AWS"),
},
},
RuleName: pulumi.String("ArchiveTrustedAccountAccess"),
},
&accessanalyzer.AnalyzerArchiveRuleArgs{
Filter: accessanalyzer.AnalyzerFilterArray{
&accessanalyzer.AnalyzerFilterArgs{
Contains: pulumi.StringArray{
pulumi.String("arn:aws:s3:::docs-bucket"),
pulumi.String("arn:aws:s3:::clients-bucket"),
},
Property: pulumi.String("resource"),
},
},
RuleName: pulumi.String("ArchivePublicS3BucketsAccess"),
},
},
Tags: aws.TagArray{
&aws.TagArgs{
Key: pulumi.String("Kind"),
Value: pulumi.String("Dev"),
},
},
Type: pulumi.String("ACCOUNT"),
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const analyzer = new aws_native.accessanalyzer.Analyzer("analyzer", {
analyzerName: "DevAccountAnalyzer",
archiveRules: [
{
filter: [{
eq: ["123456789012"],
property: "principal.AWS",
}],
ruleName: "ArchiveTrustedAccountAccess",
},
{
filter: [{
contains: [
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
],
property: "resource",
}],
ruleName: "ArchivePublicS3BucketsAccess",
},
],
tags: [{
key: "Kind",
value: "Dev",
}],
type: "ACCOUNT",
});
import pulumi
import pulumi_aws_native as aws_native
analyzer = aws_native.accessanalyzer.Analyzer("analyzer",
analyzer_name="DevAccountAnalyzer",
archive_rules=[
{
"filter": [{
"eq": ["123456789012"],
"property": "principal.AWS",
}],
"rule_name": "ArchiveTrustedAccountAccess",
},
{
"filter": [{
"contains": [
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
],
"property": "resource",
}],
"rule_name": "ArchivePublicS3BucketsAccess",
},
],
tags=[{
"key": "Kind",
"value": "Dev",
}],
type="ACCOUNT")
Coming soon!
Create Analyzer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Analyzer(name: string, args: AnalyzerArgs, opts?: CustomResourceOptions);@overload
def Analyzer(resource_name: str,
args: AnalyzerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Analyzer(resource_name: str,
opts: Optional[ResourceOptions] = None,
type: Optional[str] = None,
analyzer_configuration: Optional[AnalyzerConfigurationPropertiesArgs] = None,
analyzer_name: Optional[str] = None,
archive_rules: Optional[Sequence[AnalyzerArchiveRuleArgs]] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None)func NewAnalyzer(ctx *Context, name string, args AnalyzerArgs, opts ...ResourceOption) (*Analyzer, error)public Analyzer(string name, AnalyzerArgs args, CustomResourceOptions? opts = null)
public Analyzer(String name, AnalyzerArgs args)
public Analyzer(String name, AnalyzerArgs args, CustomResourceOptions options)
type: aws-native:accessanalyzer:Analyzer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Analyzer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Analyzer resource accepts the following input properties:
- Type string
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- Analyzer
Configuration Pulumi.Aws Native. Access Analyzer. Inputs. Analyzer Configuration Properties - The configuration for the analyzer
- Analyzer
Name string - Analyzer name
- Archive
Rules List<Pulumi.Aws Native. Access Analyzer. Inputs. Analyzer Archive Rule> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
-
List<Pulumi.
Aws Native. Inputs. Tag> - An array of key-value pairs to apply to this resource.
- Type string
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- Analyzer
Configuration AnalyzerConfiguration Properties Args - The configuration for the analyzer
- Analyzer
Name string - Analyzer name
- Archive
Rules []AnalyzerArchive Rule Args - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
-
Tag
Args - An array of key-value pairs to apply to this resource.
- type String
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- analyzer
Configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- analyzer
Name String - Analyzer name
- archive
Rules List<AnalyzerArchive Rule> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- List<Tag>
- An array of key-value pairs to apply to this resource.
- type string
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- analyzer
Configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- analyzer
Name string - Analyzer name
- archive
Rules AnalyzerArchive Rule[] - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- Tag[]
- An array of key-value pairs to apply to this resource.
- type str
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- analyzer_
configuration AnalyzerConfiguration Properties Args - The configuration for the analyzer
- analyzer_
name str - Analyzer name
- archive_
rules Sequence[AnalyzerArchive Rule Args] - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
-
Sequence[Tag
Args] - An array of key-value pairs to apply to this resource.
- type String
- The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS
- analyzer
Configuration Property Map - The configuration for the analyzer
- analyzer
Name String - Analyzer name
- archive
Rules List<Property Map> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- List<Property Map>
- An array of key-value pairs to apply to this resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Analyzer resource produces the following output properties:
Supporting Types
AnalyzerAnalysisRuleCriteria, AnalyzerAnalysisRuleCriteriaArgs
- Account
Ids List<string> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
List<Immutable
Array<Pulumi. Aws Native. Access Analyzer. Inputs. Analyzer Tag>> An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- Account
Ids []string - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
[][]Analyzer
Tag An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids List<String> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
List<List<Analyzer
Tag>> An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids string[] - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
Analyzer
Tag[][] An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account_
ids Sequence[str] - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
Sequence[Sequence[Analyzer
Tag]] An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids List<String> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
- List<List<Property Map>>
An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
AnalyzerArchiveRule, AnalyzerArchiveRuleArgs
- Filter
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Filter> - The criteria for the rule.
- Rule
Name string - The archive rule name
- Filter
[]Analyzer
Filter - The criteria for the rule.
- Rule
Name string - The archive rule name
- filter
List<Analyzer
Filter> - The criteria for the rule.
- rule
Name String - The archive rule name
- filter
Analyzer
Filter[] - The criteria for the rule.
- rule
Name string - The archive rule name
- filter
Sequence[Analyzer
Filter] - The criteria for the rule.
- rule_
name str - The archive rule name
- filter List<Property Map>
- The criteria for the rule.
- rule
Name String - The archive rule name
AnalyzerConfigurationProperties, AnalyzerConfigurationPropertiesArgs
- Unused
Access Pulumi.Configuration Aws Native. Access Analyzer. Inputs. Analyzer Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- Unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused_
access_ Analyzerconfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access Property MapConfiguration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
AnalyzerFilter, AnalyzerFilterArgs
- Property string
- The property used to define the criteria in the filter for the rule.
- Contains List<string>
- A "contains" condition to match for the rule.
- Eq List<string>
- An "equals" condition to match for the rule.
- Exists bool
- An "exists" condition to match for the rule.
- Neq List<string>
- A "not equal" condition to match for the rule.
- Property string
- The property used to define the criteria in the filter for the rule.
- Contains []string
- A "contains" condition to match for the rule.
- Eq []string
- An "equals" condition to match for the rule.
- Exists bool
- An "exists" condition to match for the rule.
- Neq []string
- A "not equal" condition to match for the rule.
- property String
- The property used to define the criteria in the filter for the rule.
- contains List<String>
- A "contains" condition to match for the rule.
- eq List<String>
- An "equals" condition to match for the rule.
- exists Boolean
- An "exists" condition to match for the rule.
- neq List<String>
- A "not equal" condition to match for the rule.
- property string
- The property used to define the criteria in the filter for the rule.
- contains string[]
- A "contains" condition to match for the rule.
- eq string[]
- An "equals" condition to match for the rule.
- exists boolean
- An "exists" condition to match for the rule.
- neq string[]
- A "not equal" condition to match for the rule.
- property str
- The property used to define the criteria in the filter for the rule.
- contains Sequence[str]
- A "contains" condition to match for the rule.
- eq Sequence[str]
- An "equals" condition to match for the rule.
- exists bool
- An "exists" condition to match for the rule.
- neq Sequence[str]
- A "not equal" condition to match for the rule.
- property String
- The property used to define the criteria in the filter for the rule.
- contains List<String>
- A "contains" condition to match for the rule.
- eq List<String>
- An "equals" condition to match for the rule.
- exists Boolean
- An "exists" condition to match for the rule.
- neq List<String>
- A "not equal" condition to match for the rule.
AnalyzerTag, AnalyzerTagArgs
- Key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key str
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value str
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
AnalyzerUnusedAccessConfiguration, AnalyzerUnusedAccessConfigurationArgs
- Analysis
Rule Pulumi.Aws Native. Access Analyzer. Inputs. Analyzer Unused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- Analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused
Access IntegerAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused
Access numberAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis_
rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused_
access_ intage - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule Property Map - Contains information about rules for the analyzer.
- unused
Access NumberAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
AnalyzerUnusedAccessConfigurationAnalysisRuleProperties, AnalyzerUnusedAccessConfigurationAnalysisRulePropertiesArgs
- Exclusions
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Analysis Rule Criteria> - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- Exclusions
[]Analyzer
Analysis Rule Criteria - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
List<Analyzer
Analysis Rule Criteria> - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
Analyzer
Analysis Rule Criteria[] - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
Sequence[Analyzer
Analysis Rule Criteria] - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions List<Property Map>
- A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi