AWS Native is in preview. AWS Classic is fully supported.
aws-native.logs.AccountPolicy
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
The AWS::Logs::AccountPolicy resource specifies a CloudWatch Logs AccountPolicy.
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var accountPolicy = new AwsNative.Logs.AccountPolicy("accountPolicy", new()
{
PolicyName = "TestPolicy",
PolicyDocument = "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
PolicyType = AwsNative.Logs.AccountPolicyPolicyType.DataProtectionPolicy,
Scope = AwsNative.Logs.AccountPolicyScope.All,
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/logs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := logs.NewAccountPolicy(ctx, "accountPolicy", &logs.AccountPolicyArgs{
PolicyName: pulumi.String("TestPolicy"),
PolicyDocument: pulumi.String("{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }"),
PolicyType: logs.AccountPolicyPolicyTypeDataProtectionPolicy,
Scope: logs.AccountPolicyScopeAll,
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
account_policy = aws_native.logs.AccountPolicy("accountPolicy",
policy_name="TestPolicy",
policy_document="{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
policy_type=aws_native.logs.AccountPolicyPolicyType.DATA_PROTECTION_POLICY,
scope=aws_native.logs.AccountPolicyScope.ALL)
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", {
policyName: "TestPolicy",
policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy,
scope: aws_native.logs.AccountPolicyScope.All,
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var accountPolicy = new AwsNative.Logs.AccountPolicy("accountPolicy", new()
{
PolicyName = "TestPolicy",
PolicyDocument = "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
PolicyType = AwsNative.Logs.AccountPolicyPolicyType.DataProtectionPolicy,
Scope = AwsNative.Logs.AccountPolicyScope.All,
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/logs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := logs.NewAccountPolicy(ctx, "accountPolicy", &logs.AccountPolicyArgs{
PolicyName: pulumi.String("TestPolicy"),
PolicyDocument: pulumi.String("{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }"),
PolicyType: logs.AccountPolicyPolicyTypeDataProtectionPolicy,
Scope: logs.AccountPolicyScopeAll,
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
account_policy = aws_native.logs.AccountPolicy("accountPolicy",
policy_name="TestPolicy",
policy_document="{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
policy_type=aws_native.logs.AccountPolicyPolicyType.DATA_PROTECTION_POLICY,
scope=aws_native.logs.AccountPolicyScope.ALL)
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", {
policyName: "TestPolicy",
policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy,
scope: aws_native.logs.AccountPolicyScope.All,
});
Coming soon!
Create AccountPolicy Resource
new AccountPolicy(name: string, args: AccountPolicyArgs, opts?: CustomResourceOptions);
@overload
def AccountPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_document: Optional[str] = None,
policy_name: Optional[str] = None,
policy_type: Optional[AccountPolicyPolicyType] = None,
scope: Optional[AccountPolicyScope] = None)
@overload
def AccountPolicy(resource_name: str,
args: AccountPolicyArgs,
opts: Optional[ResourceOptions] = None)
func NewAccountPolicy(ctx *Context, name string, args AccountPolicyArgs, opts ...ResourceOption) (*AccountPolicy, error)
public AccountPolicy(string name, AccountPolicyArgs args, CustomResourceOptions? opts = null)
public AccountPolicy(String name, AccountPolicyArgs args)
public AccountPolicy(String name, AccountPolicyArgs args, CustomResourceOptions options)
type: aws-native:logs:AccountPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccountPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccountPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccountPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccountPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccountPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AccountPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AccountPolicy resource accepts the following input properties:
- Policy
Document string The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- Policy
Name string The name of the account policy
- Policy
Type Pulumi.Aws Native. Logs. Account Policy Policy Type Type of the policy.
- Scope
Pulumi.
Aws Native. Logs. Account Policy Scope Scope for policy application
- Policy
Document string The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- Policy
Name string The name of the account policy
- Policy
Type AccountPolicy Policy Type Type of the policy.
- Scope
Account
Policy Scope Scope for policy application
- policy
Document String The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- policy
Name String The name of the account policy
- policy
Type AccountPolicy Policy Type Type of the policy.
- scope
Account
Policy Scope Scope for policy application
- policy
Document string The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- policy
Name string The name of the account policy
- policy
Type AccountPolicy Policy Type Type of the policy.
- scope
Account
Policy Scope Scope for policy application
- policy_
document str The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- policy_
name str The name of the account policy
- policy_
type AccountPolicy Policy Type Type of the policy.
- scope
Account
Policy Scope Scope for policy application
- policy
Document String The body of the policy document you want to use for this topic.
You can only add one policy per PolicyType.
The policy must be in JSON string format.
Length Constraints: Maximum length of 30720
- policy
Name String The name of the account policy
- policy
Type "DATA_PROTECTION_POLICY" Type of the policy.
- scope "ALL"
Scope for policy application
Outputs
All input properties are implicitly available as output properties. Additionally, the AccountPolicy resource produces the following output properties:
- account_
id str User account id
- id str
The provider-assigned unique ID for this managed resource.
Supporting Types
AccountPolicyPolicyType, AccountPolicyPolicyTypeArgs
- Data
Protection Policy - DATA_PROTECTION_POLICY
- Account
Policy Policy Type Data Protection Policy - DATA_PROTECTION_POLICY
- Data
Protection Policy - DATA_PROTECTION_POLICY
- Data
Protection Policy - DATA_PROTECTION_POLICY
- DATA_PROTECTION_POLICY
- DATA_PROTECTION_POLICY
- "DATA_PROTECTION_POLICY"
- DATA_PROTECTION_POLICY
AccountPolicyScope, AccountPolicyScopeArgs
- All
- ALL
- Account
Policy Scope All - ALL
- All
- ALL
- All
- ALL
- ALL
- ALL
- "ALL"
- ALL
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.