1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. securitylake
  5. DataLake

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi

aws-native.securitylake.DataLake

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi

    Resource Type definition for AWS::SecurityLake::DataLake

    Create DataLake Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new DataLake(name: string, args?: DataLakeArgs, opts?: CustomResourceOptions);
    @overload
    def DataLake(resource_name: str,
                 args: Optional[DataLakeArgs] = None,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def DataLake(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 encryption_configuration: Optional[DataLakeEncryptionConfigurationArgs] = None,
                 lifecycle_configuration: Optional[DataLakeLifecycleConfigurationArgs] = None,
                 meta_store_manager_role_arn: Optional[str] = None,
                 replication_configuration: Optional[DataLakeReplicationConfigurationArgs] = None,
                 tags: Optional[Sequence[_root_inputs.TagArgs]] = None)
    func NewDataLake(ctx *Context, name string, args *DataLakeArgs, opts ...ResourceOption) (*DataLake, error)
    public DataLake(string name, DataLakeArgs? args = null, CustomResourceOptions? opts = null)
    public DataLake(String name, DataLakeArgs args)
    public DataLake(String name, DataLakeArgs args, CustomResourceOptions options)
    
    type: aws-native:securitylake:DataLake
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    DataLake Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The DataLake resource accepts the following input properties:

    EncryptionConfiguration Pulumi.AwsNative.SecurityLake.Inputs.DataLakeEncryptionConfiguration
    Provides encryption details of the Amazon Security Lake object.
    LifecycleConfiguration Pulumi.AwsNative.SecurityLake.Inputs.DataLakeLifecycleConfiguration
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    ReplicationConfiguration Pulumi.AwsNative.SecurityLake.Inputs.DataLakeReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
    EncryptionConfiguration DataLakeEncryptionConfigurationArgs
    Provides encryption details of the Amazon Security Lake object.
    LifecycleConfiguration DataLakeLifecycleConfigurationArgs
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    ReplicationConfiguration DataLakeReplicationConfigurationArgs
    Provides replication details of Amazon Security Lake object.
    Tags TagArgs
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
    encryptionConfiguration DataLakeEncryptionConfiguration
    Provides encryption details of the Amazon Security Lake object.
    lifecycleConfiguration DataLakeLifecycleConfiguration
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    replicationConfiguration DataLakeReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    tags List<Tag>
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
    encryptionConfiguration DataLakeEncryptionConfiguration
    Provides encryption details of the Amazon Security Lake object.
    lifecycleConfiguration DataLakeLifecycleConfiguration
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    metaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    replicationConfiguration DataLakeReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    tags Tag[]
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
    encryption_configuration DataLakeEncryptionConfigurationArgs
    Provides encryption details of the Amazon Security Lake object.
    lifecycle_configuration DataLakeLifecycleConfigurationArgs
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    meta_store_manager_role_arn str
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    replication_configuration DataLakeReplicationConfigurationArgs
    Provides replication details of Amazon Security Lake object.
    tags Sequence[TagArgs]
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.
    encryptionConfiguration Property Map
    Provides encryption details of the Amazon Security Lake object.
    lifecycleConfiguration Property Map
    You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see Lifecycle management in the Amazon Security Lake User Guide.
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources.
    replicationConfiguration Property Map
    Provides replication details of Amazon Security Lake object.
    tags List<Property Map>
    An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DataLake resource produces the following output properties:

    Arn string
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    Id string
    The provider-assigned unique ID for this managed resource.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    Arn string
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    Id string
    The provider-assigned unique ID for this managed resource.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    arn String
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    id String
    The provider-assigned unique ID for this managed resource.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    arn string
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    id string
    The provider-assigned unique ID for this managed resource.
    s3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    arn str
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    id str
    The provider-assigned unique ID for this managed resource.
    s3_bucket_arn str
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    arn String
    The Amazon Resource Name (ARN) created by you to provide to the subscriber.
    id String
    The provider-assigned unique ID for this managed resource.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.

    Supporting Types

    DataLakeEncryptionConfiguration, DataLakeEncryptionConfigurationArgs

    KmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    KmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId String
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kms_key_id str
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId String
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.

    DataLakeExpiration, DataLakeExpirationArgs

    Days int
    The number of days before data expires in the Amazon Security Lake object.
    Days int
    The number of days before data expires in the Amazon Security Lake object.
    days Integer
    The number of days before data expires in the Amazon Security Lake object.
    days number
    The number of days before data expires in the Amazon Security Lake object.
    days int
    The number of days before data expires in the Amazon Security Lake object.
    days Number
    The number of days before data expires in the Amazon Security Lake object.

    DataLakeLifecycleConfiguration, DataLakeLifecycleConfigurationArgs

    Expiration Pulumi.AwsNative.SecurityLake.Inputs.DataLakeExpiration
    Provides data expiration details of the Amazon Security Lake object.
    Transitions List<Pulumi.AwsNative.SecurityLake.Inputs.DataLakeTransitions>
    Provides data storage transition details of Amazon Security Lake object.
    Expiration DataLakeExpiration
    Provides data expiration details of the Amazon Security Lake object.
    Transitions []DataLakeTransitions
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeExpiration
    Provides data expiration details of the Amazon Security Lake object.
    transitions List<DataLakeTransitions>
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeExpiration
    Provides data expiration details of the Amazon Security Lake object.
    transitions DataLakeTransitions[]
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeExpiration
    Provides data expiration details of the Amazon Security Lake object.
    transitions Sequence[DataLakeTransitions]
    Provides data storage transition details of Amazon Security Lake object.
    expiration Property Map
    Provides data expiration details of the Amazon Security Lake object.
    transitions List<Property Map>
    Provides data storage transition details of Amazon Security Lake object.

    DataLakeReplicationConfiguration, DataLakeReplicationConfigurationArgs

    Regions List<string>

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    RoleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    Regions []string

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    RoleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions List<String>

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    roleArn String
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions string[]

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    roleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions Sequence[str]

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    role_arn str
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions List<String>

    Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the CreateDataLake or UpdateDataLake operations contributes data to the rollup Region or Regions specified in this parameter.

    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.

    roleArn String
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.

    DataLakeTransitions, DataLakeTransitionsArgs

    Days int
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    StorageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    Days int
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    StorageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days Integer
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass String
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days number
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days int
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    storage_class str
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days Number
    Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass String
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.

    Tag, TagArgs

    Key string
    The key name of the tag
    Value string
    The value of the tag
    Key string
    The key name of the tag
    Value string
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag
    key string
    The key name of the tag
    value string
    The value of the tag
    key str
    The key name of the tag
    value str
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi