1. Packages
  2. AWS Native
  3. API Docs
  4. logs
  5. AccountPolicy

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.78.0 published on Wednesday, Sep 27, 2023 by Pulumi

aws-native.logs.AccountPolicy

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.78.0 published on Wednesday, Sep 27, 2023 by Pulumi

    The AWS::Logs::AccountPolicy resource specifies a CloudWatch Logs AccountPolicy.

    Example Usage

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var accountPolicy = new AwsNative.Logs.AccountPolicy("accountPolicy", new()
        {
            PolicyName = "TestPolicy",
            PolicyDocument = "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
            PolicyType = AwsNative.Logs.AccountPolicyPolicyType.DataProtectionPolicy,
            Scope = AwsNative.Logs.AccountPolicyScope.All,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/logs"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := logs.NewAccountPolicy(ctx, "accountPolicy", &logs.AccountPolicyArgs{
    			PolicyName:     pulumi.String("TestPolicy"),
    			PolicyDocument: pulumi.String("{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }"),
    			PolicyType:     logs.AccountPolicyPolicyTypeDataProtectionPolicy,
    			Scope:          logs.AccountPolicyScopeAll,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    account_policy = aws_native.logs.AccountPolicy("accountPolicy",
        policy_name="TestPolicy",
        policy_document="{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
        policy_type=aws_native.logs.AccountPolicyPolicyType.DATA_PROTECTION_POLICY,
        scope=aws_native.logs.AccountPolicyScope.ALL)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", {
        policyName: "TestPolicy",
        policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
        policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy,
        scope: aws_native.logs.AccountPolicyScope.All,
    });
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var accountPolicy = new AwsNative.Logs.AccountPolicy("accountPolicy", new()
        {
            PolicyName = "TestPolicy",
            PolicyDocument = "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
            PolicyType = AwsNative.Logs.AccountPolicyPolicyType.DataProtectionPolicy,
            Scope = AwsNative.Logs.AccountPolicyScope.All,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/logs"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := logs.NewAccountPolicy(ctx, "accountPolicy", &logs.AccountPolicyArgs{
    			PolicyName:     pulumi.String("TestPolicy"),
    			PolicyDocument: pulumi.String("{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }"),
    			PolicyType:     logs.AccountPolicyPolicyTypeDataProtectionPolicy,
    			Scope:          logs.AccountPolicyScopeAll,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    account_policy = aws_native.logs.AccountPolicy("accountPolicy",
        policy_name="TestPolicy",
        policy_document="{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
        policy_type=aws_native.logs.AccountPolicyPolicyType.DATA_PROTECTION_POLICY,
        scope=aws_native.logs.AccountPolicyScope.ALL)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const accountPolicy = new aws_native.logs.AccountPolicy("accountPolicy", {
        policyName: "TestPolicy",
        policyDocument: "{ \"Name\": \"data-protection-policy\", \"Description\": \"\", \"Version\": \"2021-06-01\", \"Statement\": [ { \"Sid\": \"audit-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Audit\": { \"FindingsDestination\": { \"CloudWatchLogs\": { \"LogGroup\": \"EXISTING_LOG_GROUP_NAME\" } } } } }, { \"Sid\": \"redact-policy\", \"DataIdentifier\": [ \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\" ], \"Operation\": { \"Deidentify\": { \"MaskConfig\": {} } } } ] }",
        policyType: aws_native.logs.AccountPolicyPolicyType.DataProtectionPolicy,
        scope: aws_native.logs.AccountPolicyScope.All,
    });
    

    Coming soon!

    Create AccountPolicy Resource

    new AccountPolicy(name: string, args: AccountPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def AccountPolicy(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      policy_document: Optional[str] = None,
                      policy_name: Optional[str] = None,
                      policy_type: Optional[AccountPolicyPolicyType] = None,
                      scope: Optional[AccountPolicyScope] = None)
    @overload
    def AccountPolicy(resource_name: str,
                      args: AccountPolicyArgs,
                      opts: Optional[ResourceOptions] = None)
    func NewAccountPolicy(ctx *Context, name string, args AccountPolicyArgs, opts ...ResourceOption) (*AccountPolicy, error)
    public AccountPolicy(string name, AccountPolicyArgs args, CustomResourceOptions? opts = null)
    public AccountPolicy(String name, AccountPolicyArgs args)
    public AccountPolicy(String name, AccountPolicyArgs args, CustomResourceOptions options)
    
    type: aws-native:logs:AccountPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AccountPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccountPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccountPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccountPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccountPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AccountPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AccountPolicy resource accepts the following input properties:

    PolicyDocument string

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    PolicyName string

    The name of the account policy

    PolicyType Pulumi.AwsNative.Logs.AccountPolicyPolicyType

    Type of the policy.

    Scope Pulumi.AwsNative.Logs.AccountPolicyScope

    Scope for policy application

    PolicyDocument string

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    PolicyName string

    The name of the account policy

    PolicyType AccountPolicyPolicyType

    Type of the policy.

    Scope AccountPolicyScope

    Scope for policy application

    policyDocument String

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    policyName String

    The name of the account policy

    policyType AccountPolicyPolicyType

    Type of the policy.

    scope AccountPolicyScope

    Scope for policy application

    policyDocument string

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    policyName string

    The name of the account policy

    policyType AccountPolicyPolicyType

    Type of the policy.

    scope AccountPolicyScope

    Scope for policy application

    policy_document str

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    policy_name str

    The name of the account policy

    policy_type AccountPolicyPolicyType

    Type of the policy.

    scope AccountPolicyScope

    Scope for policy application

    policyDocument String

    The body of the policy document you want to use for this topic.

    You can only add one policy per PolicyType.

    The policy must be in JSON string format.

    Length Constraints: Maximum length of 30720

    policyName String

    The name of the account policy

    policyType "DATA_PROTECTION_POLICY"

    Type of the policy.

    scope "ALL"

    Scope for policy application

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccountPolicy resource produces the following output properties:

    AccountId string

    User account id

    Id string

    The provider-assigned unique ID for this managed resource.

    AccountId string

    User account id

    Id string

    The provider-assigned unique ID for this managed resource.

    accountId String

    User account id

    id String

    The provider-assigned unique ID for this managed resource.

    accountId string

    User account id

    id string

    The provider-assigned unique ID for this managed resource.

    account_id str

    User account id

    id str

    The provider-assigned unique ID for this managed resource.

    accountId String

    User account id

    id String

    The provider-assigned unique ID for this managed resource.

    Supporting Types

    AccountPolicyPolicyType, AccountPolicyPolicyTypeArgs

    DataProtectionPolicy
    DATA_PROTECTION_POLICY
    AccountPolicyPolicyTypeDataProtectionPolicy
    DATA_PROTECTION_POLICY
    DataProtectionPolicy
    DATA_PROTECTION_POLICY
    DataProtectionPolicy
    DATA_PROTECTION_POLICY
    DATA_PROTECTION_POLICY
    DATA_PROTECTION_POLICY
    "DATA_PROTECTION_POLICY"
    DATA_PROTECTION_POLICY

    AccountPolicyScope, AccountPolicyScopeArgs

    All
    ALL
    AccountPolicyScopeAll
    ALL
    All
    ALL
    All
    ALL
    ALL
    ALL
    "ALL"
    ALL

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.78.0 published on Wednesday, Sep 27, 2023 by Pulumi