1. Packages
  2. AWS
  3. API Docs
  4. auditmanager
  5. Assessment
AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi

aws.auditmanager.Assessment

Explore with Pulumi AI

aws logo
AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi

    Resource for managing an AWS Audit Manager Assessment.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = new aws.auditmanager.Assessment("test", {
        name: "example",
        assessmentReportsDestination: {
            destination: `s3://${testAwsS3Bucket.id}`,
            destinationType: "S3",
        },
        frameworkId: testAwsAuditmanagerFramework.id,
        roles: [{
            roleArn: testAwsIamRole.arn,
            roleType: "PROCESS_OWNER",
        }],
        scope: {
            awsAccounts: [{
                id: current.accountId,
            }],
            awsServices: [{
                serviceName: "S3",
            }],
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.auditmanager.Assessment("test",
        name="example",
        assessment_reports_destination={
            "destination": f"s3://{test_aws_s3_bucket['id']}",
            "destination_type": "S3",
        },
        framework_id=test_aws_auditmanager_framework["id"],
        roles=[{
            "role_arn": test_aws_iam_role["arn"],
            "role_type": "PROCESS_OWNER",
        }],
        scope={
            "aws_accounts": [{
                "id": current["accountId"],
            }],
            "aws_services": [{
                "service_name": "S3",
            }],
        })
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := auditmanager.NewAssessment(ctx, "test", &auditmanager.AssessmentArgs{
    			Name: pulumi.String("example"),
    			AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
    				Destination:     pulumi.Sprintf("s3://%v", testAwsS3Bucket.Id),
    				DestinationType: pulumi.String("S3"),
    			},
    			FrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),
    			Roles: auditmanager.AssessmentRoleArray{
    				&auditmanager.AssessmentRoleArgs{
    					RoleArn:  pulumi.Any(testAwsIamRole.Arn),
    					RoleType: pulumi.String("PROCESS_OWNER"),
    				},
    			},
    			Scope: &auditmanager.AssessmentScopeArgs{
    				AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
    					&auditmanager.AssessmentScopeAwsAccountArgs{
    						Id: pulumi.Any(current.AccountId),
    					},
    				},
    				AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
    					&auditmanager.AssessmentScopeAwsServiceArgs{
    						ServiceName: pulumi.String("S3"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Aws.Auditmanager.Assessment("test", new()
        {
            Name = "example",
            AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
            {
                Destination = $"s3://{testAwsS3Bucket.Id}",
                DestinationType = "S3",
            },
            FrameworkId = testAwsAuditmanagerFramework.Id,
            Roles = new[]
            {
                new Aws.Auditmanager.Inputs.AssessmentRoleArgs
                {
                    RoleArn = testAwsIamRole.Arn,
                    RoleType = "PROCESS_OWNER",
                },
            },
            Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
            {
                AwsAccounts = new[]
                {
                    new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
                    {
                        Id = current.AccountId,
                    },
                },
                AwsServices = new[]
                {
                    new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
                    {
                        ServiceName = "S3",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.auditmanager.Assessment;
    import com.pulumi.aws.auditmanager.AssessmentArgs;
    import com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;
    import com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;
    import com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new Assessment("test", AssessmentArgs.builder()
                .name("example")
                .assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
                    .destination(String.format("s3://%s", testAwsS3Bucket.id()))
                    .destinationType("S3")
                    .build())
                .frameworkId(testAwsAuditmanagerFramework.id())
                .roles(AssessmentRoleArgs.builder()
                    .roleArn(testAwsIamRole.arn())
                    .roleType("PROCESS_OWNER")
                    .build())
                .scope(AssessmentScopeArgs.builder()
                    .awsAccounts(AssessmentScopeAwsAccountArgs.builder()
                        .id(current.accountId())
                        .build())
                    .awsServices(AssessmentScopeAwsServiceArgs.builder()
                        .serviceName("S3")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      test:
        type: aws:auditmanager:Assessment
        properties:
          name: example
          assessmentReportsDestination:
            destination: s3://${testAwsS3Bucket.id}
            destinationType: S3
          frameworkId: ${testAwsAuditmanagerFramework.id}
          roles:
            - roleArn: ${testAwsIamRole.arn}
              roleType: PROCESS_OWNER
          scope:
            awsAccounts:
              - id: ${current.accountId}
            awsServices:
              - serviceName: S3
    

    Create Assessment Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Assessment(name: string, args: AssessmentArgs, opts?: CustomResourceOptions);
    @overload
    def Assessment(resource_name: str,
                   args: AssessmentArgs,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def Assessment(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   framework_id: Optional[str] = None,
                   roles: Optional[Sequence[AssessmentRoleArgs]] = None,
                   assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
                   description: Optional[str] = None,
                   name: Optional[str] = None,
                   scope: Optional[AssessmentScopeArgs] = None,
                   tags: Optional[Mapping[str, str]] = None)
    func NewAssessment(ctx *Context, name string, args AssessmentArgs, opts ...ResourceOption) (*Assessment, error)
    public Assessment(string name, AssessmentArgs args, CustomResourceOptions? opts = null)
    public Assessment(String name, AssessmentArgs args)
    public Assessment(String name, AssessmentArgs args, CustomResourceOptions options)
    
    type: aws:auditmanager:Assessment
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AssessmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AssessmentArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AssessmentArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AssessmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AssessmentArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var assessmentResource = new Aws.Auditmanager.Assessment("assessmentResource", new()
    {
        FrameworkId = "string",
        Roles = new[]
        {
            new Aws.Auditmanager.Inputs.AssessmentRoleArgs
            {
                RoleArn = "string",
                RoleType = "string",
            },
        },
        AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
        {
            Destination = "string",
            DestinationType = "string",
        },
        Description = "string",
        Name = "string",
        Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
        {
            AwsAccounts = new[]
            {
                new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
                {
                    Id = "string",
                },
            },
            AwsServices = new[]
            {
                new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
                {
                    ServiceName = "string",
                },
            },
        },
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := auditmanager.NewAssessment(ctx, "assessmentResource", &auditmanager.AssessmentArgs{
    	FrameworkId: pulumi.String("string"),
    	Roles: auditmanager.AssessmentRoleArray{
    		&auditmanager.AssessmentRoleArgs{
    			RoleArn:  pulumi.String("string"),
    			RoleType: pulumi.String("string"),
    		},
    	},
    	AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
    		Destination:     pulumi.String("string"),
    		DestinationType: pulumi.String("string"),
    	},
    	Description: pulumi.String("string"),
    	Name:        pulumi.String("string"),
    	Scope: &auditmanager.AssessmentScopeArgs{
    		AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
    			&auditmanager.AssessmentScopeAwsAccountArgs{
    				Id: pulumi.String("string"),
    			},
    		},
    		AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
    			&auditmanager.AssessmentScopeAwsServiceArgs{
    				ServiceName: pulumi.String("string"),
    			},
    		},
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var assessmentResource = new Assessment("assessmentResource", AssessmentArgs.builder()
        .frameworkId("string")
        .roles(AssessmentRoleArgs.builder()
            .roleArn("string")
            .roleType("string")
            .build())
        .assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
            .destination("string")
            .destinationType("string")
            .build())
        .description("string")
        .name("string")
        .scope(AssessmentScopeArgs.builder()
            .awsAccounts(AssessmentScopeAwsAccountArgs.builder()
                .id("string")
                .build())
            .awsServices(AssessmentScopeAwsServiceArgs.builder()
                .serviceName("string")
                .build())
            .build())
        .tags(Map.of("string", "string"))
        .build());
    
    assessment_resource = aws.auditmanager.Assessment("assessmentResource",
        framework_id="string",
        roles=[{
            "role_arn": "string",
            "role_type": "string",
        }],
        assessment_reports_destination={
            "destination": "string",
            "destination_type": "string",
        },
        description="string",
        name="string",
        scope={
            "aws_accounts": [{
                "id": "string",
            }],
            "aws_services": [{
                "service_name": "string",
            }],
        },
        tags={
            "string": "string",
        })
    
    const assessmentResource = new aws.auditmanager.Assessment("assessmentResource", {
        frameworkId: "string",
        roles: [{
            roleArn: "string",
            roleType: "string",
        }],
        assessmentReportsDestination: {
            destination: "string",
            destinationType: "string",
        },
        description: "string",
        name: "string",
        scope: {
            awsAccounts: [{
                id: "string",
            }],
            awsServices: [{
                serviceName: "string",
            }],
        },
        tags: {
            string: "string",
        },
    });
    
    type: aws:auditmanager:Assessment
    properties:
        assessmentReportsDestination:
            destination: string
            destinationType: string
        description: string
        frameworkId: string
        name: string
        roles:
            - roleArn: string
              roleType: string
        scope:
            awsAccounts:
                - id: string
            awsServices:
                - serviceName: string
        tags:
            string: string
    

    Assessment Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Assessment resource accepts the following input properties:

    FrameworkId string
    Unique identifier of the framework the assessment will be created from.
    Roles List<AssessmentRole>
    List of roles for the assessment. See roles below.
    AssessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    Description string
    Description of the assessment.
    Name string
    Name of the assessment.
    Scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    Tags Dictionary<string, string>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    FrameworkId string
    Unique identifier of the framework the assessment will be created from.
    Roles []AssessmentRoleArgs
    List of roles for the assessment. See roles below.
    AssessmentReportsDestination AssessmentAssessmentReportsDestinationArgs
    Assessment report storage destination configuration. See assessment_reports_destination below.
    Description string
    Description of the assessment.
    Name string
    Name of the assessment.
    Scope AssessmentScopeArgs

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    Tags map[string]string
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    frameworkId String
    Unique identifier of the framework the assessment will be created from.
    roles List<AssessmentRole>
    List of roles for the assessment. See roles below.
    assessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description String
    Description of the assessment.
    name String
    Name of the assessment.
    scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    tags Map<String,String>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    frameworkId string
    Unique identifier of the framework the assessment will be created from.
    roles AssessmentRole[]
    List of roles for the assessment. See roles below.
    assessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description string
    Description of the assessment.
    name string
    Name of the assessment.
    scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    tags {[key: string]: string}
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    framework_id str
    Unique identifier of the framework the assessment will be created from.
    roles Sequence[AssessmentRoleArgs]
    List of roles for the assessment. See roles below.
    assessment_reports_destination AssessmentAssessmentReportsDestinationArgs
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description str
    Description of the assessment.
    name str
    Name of the assessment.
    scope AssessmentScopeArgs

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    tags Mapping[str, str]
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    frameworkId String
    Unique identifier of the framework the assessment will be created from.
    roles List<Property Map>
    List of roles for the assessment. See roles below.
    assessmentReportsDestination Property Map
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description String
    Description of the assessment.
    name String
    Name of the assessment.
    scope Property Map

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    tags Map<String>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Assessment resource produces the following output properties:

    Arn string
    Amazon Resource Name (ARN) of the assessment.
    Id string
    The provider-assigned unique ID for this managed resource.
    RolesAlls List<AssessmentRolesAll>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    Status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    Arn string
    Amazon Resource Name (ARN) of the assessment.
    Id string
    The provider-assigned unique ID for this managed resource.
    RolesAlls []AssessmentRolesAll
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    Status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the assessment.
    id String
    The provider-assigned unique ID for this managed resource.
    rolesAlls List<AssessmentRolesAll>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    status String
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    arn string
    Amazon Resource Name (ARN) of the assessment.
    id string
    The provider-assigned unique ID for this managed resource.
    rolesAlls AssessmentRolesAll[]
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    arn str
    Amazon Resource Name (ARN) of the assessment.
    id str
    The provider-assigned unique ID for this managed resource.
    roles_alls Sequence[AssessmentRolesAll]
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    status str
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the assessment.
    id String
    The provider-assigned unique ID for this managed resource.
    rolesAlls List<Property Map>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    status String
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    Look up Existing Assessment Resource

    Get an existing Assessment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AssessmentState, opts?: CustomResourceOptions): Assessment
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
            description: Optional[str] = None,
            framework_id: Optional[str] = None,
            name: Optional[str] = None,
            roles: Optional[Sequence[AssessmentRoleArgs]] = None,
            roles_alls: Optional[Sequence[AssessmentRolesAllArgs]] = None,
            scope: Optional[AssessmentScopeArgs] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None) -> Assessment
    func GetAssessment(ctx *Context, name string, id IDInput, state *AssessmentState, opts ...ResourceOption) (*Assessment, error)
    public static Assessment Get(string name, Input<string> id, AssessmentState? state, CustomResourceOptions? opts = null)
    public static Assessment get(String name, Output<String> id, AssessmentState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    Amazon Resource Name (ARN) of the assessment.
    AssessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    Description string
    Description of the assessment.
    FrameworkId string
    Unique identifier of the framework the assessment will be created from.
    Name string
    Name of the assessment.
    Roles List<AssessmentRole>
    List of roles for the assessment. See roles below.
    RolesAlls List<AssessmentRolesAll>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    Scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    Status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    Tags Dictionary<string, string>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    Arn string
    Amazon Resource Name (ARN) of the assessment.
    AssessmentReportsDestination AssessmentAssessmentReportsDestinationArgs
    Assessment report storage destination configuration. See assessment_reports_destination below.
    Description string
    Description of the assessment.
    FrameworkId string
    Unique identifier of the framework the assessment will be created from.
    Name string
    Name of the assessment.
    Roles []AssessmentRoleArgs
    List of roles for the assessment. See roles below.
    RolesAlls []AssessmentRolesAllArgs
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    Scope AssessmentScopeArgs

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    Status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    Tags map[string]string
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the assessment.
    assessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description String
    Description of the assessment.
    frameworkId String
    Unique identifier of the framework the assessment will be created from.
    name String
    Name of the assessment.
    roles List<AssessmentRole>
    List of roles for the assessment. See roles below.
    rolesAlls List<AssessmentRolesAll>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    status String
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tags Map<String,String>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    arn string
    Amazon Resource Name (ARN) of the assessment.
    assessmentReportsDestination AssessmentAssessmentReportsDestination
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description string
    Description of the assessment.
    frameworkId string
    Unique identifier of the framework the assessment will be created from.
    name string
    Name of the assessment.
    roles AssessmentRole[]
    List of roles for the assessment. See roles below.
    rolesAlls AssessmentRolesAll[]
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    scope AssessmentScope

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    status string
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tags {[key: string]: string}
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    arn str
    Amazon Resource Name (ARN) of the assessment.
    assessment_reports_destination AssessmentAssessmentReportsDestinationArgs
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description str
    Description of the assessment.
    framework_id str
    Unique identifier of the framework the assessment will be created from.
    name str
    Name of the assessment.
    roles Sequence[AssessmentRoleArgs]
    List of roles for the assessment. See roles below.
    roles_alls Sequence[AssessmentRolesAllArgs]
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    scope AssessmentScopeArgs

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    status str
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tags Mapping[str, str]
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    arn String
    Amazon Resource Name (ARN) of the assessment.
    assessmentReportsDestination Property Map
    Assessment report storage destination configuration. See assessment_reports_destination below.
    description String
    Description of the assessment.
    frameworkId String
    Unique identifier of the framework the assessment will be created from.
    name String
    Name of the assessment.
    roles List<Property Map>
    List of roles for the assessment. See roles below.
    rolesAlls List<Property Map>
    Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.
    scope Property Map

    Amazon Web Services accounts and services that are in scope for the assessment. See scope below.

    The following arguments are optional:

    status String
    Status of the assessment. Valid values are ACTIVE and INACTIVE.
    tags Map<String>
    A map of tags to assign to the assessment. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    Supporting Types

    AssessmentAssessmentReportsDestination, AssessmentAssessmentReportsDestinationArgs

    Destination string
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    DestinationType string
    Destination type. Currently, S3 is the only valid value.
    Destination string
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    DestinationType string
    Destination type. Currently, S3 is the only valid value.
    destination String
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    destinationType String
    Destination type. Currently, S3 is the only valid value.
    destination string
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    destinationType string
    Destination type. Currently, S3 is the only valid value.
    destination str
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    destination_type str
    Destination type. Currently, S3 is the only valid value.
    destination String
    Destination of the assessment report. This value be in the form s3://{bucket_name}.
    destinationType String
    Destination type. Currently, S3 is the only valid value.

    AssessmentRole, AssessmentRoleArgs

    RoleArn string
    Amazon Resource Name (ARN) of the IAM role.
    RoleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    RoleArn string
    Amazon Resource Name (ARN) of the IAM role.
    RoleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn String
    Amazon Resource Name (ARN) of the IAM role.
    roleType String
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn string
    Amazon Resource Name (ARN) of the IAM role.
    roleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    role_arn str
    Amazon Resource Name (ARN) of the IAM role.
    role_type str
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn String
    Amazon Resource Name (ARN) of the IAM role.
    roleType String
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.

    AssessmentRolesAll, AssessmentRolesAllArgs

    RoleArn string
    Amazon Resource Name (ARN) of the IAM role.
    RoleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    RoleArn string
    Amazon Resource Name (ARN) of the IAM role.
    RoleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn String
    Amazon Resource Name (ARN) of the IAM role.
    roleType String
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn string
    Amazon Resource Name (ARN) of the IAM role.
    roleType string
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    role_arn str
    Amazon Resource Name (ARN) of the IAM role.
    role_type str
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.
    roleArn String
    Amazon Resource Name (ARN) of the IAM role.
    roleType String
    Type of customer persona. For assessment creation, type must always be PROCESS_OWNER.

    AssessmentScope, AssessmentScopeArgs

    AwsAccounts List<AssessmentScopeAwsAccount>
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    AwsServices List<AssessmentScopeAwsService>
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.
    AwsAccounts []AssessmentScopeAwsAccount
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    AwsServices []AssessmentScopeAwsService
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.
    awsAccounts List<AssessmentScopeAwsAccount>
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    awsServices List<AssessmentScopeAwsService>
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.
    awsAccounts AssessmentScopeAwsAccount[]
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    awsServices AssessmentScopeAwsService[]
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.
    aws_accounts Sequence[AssessmentScopeAwsAccount]
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    aws_services Sequence[AssessmentScopeAwsService]
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.
    awsAccounts List<Property Map>
    Amazon Web Services accounts that are in scope for the assessment. See aws_accounts below.
    awsServices List<Property Map>
    Amazon Web Services services that are included in the scope of the assessment. See aws_services below.

    AssessmentScopeAwsAccount, AssessmentScopeAwsAccountArgs

    Id string
    Identifier for the Amazon Web Services account.
    Id string
    Identifier for the Amazon Web Services account.
    id String
    Identifier for the Amazon Web Services account.
    id string
    Identifier for the Amazon Web Services account.
    id str
    Identifier for the Amazon Web Services account.
    id String
    Identifier for the Amazon Web Services account.

    AssessmentScopeAwsService, AssessmentScopeAwsServiceArgs

    ServiceName string
    Name of the Amazon Web Service.
    ServiceName string
    Name of the Amazon Web Service.
    serviceName String
    Name of the Amazon Web Service.
    serviceName string
    Name of the Amazon Web Service.
    service_name str
    Name of the Amazon Web Service.
    serviceName String
    Name of the Amazon Web Service.

    Import

    Using pulumi import, import Audit Manager Assessments using the assessment id. For example:

    $ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.64.0 published on Friday, Dec 6, 2024 by Pulumi