AWS Classic v5.41.0, May 15 23

aws.cloudfront.FieldLevelEncryptionProfile

Explore with Pulumi AI

Provides a CloudFront Field-level Encryption Profile resource.

Example Usage

using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudFront.PublicKey("example", new()
    {
        Comment = "test public key",
        EncodedKey = File.ReadAllText("public_key.pem"),
    });

    var test = new Aws.CloudFront.FieldLevelEncryptionProfile("test", new()
    {
        Comment = "test comment",
        EncryptionEntities = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs
                {
                    PublicKeyId = example.Id,
                    ProviderId = "test provider",
                    FieldPatterns = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs
                    {
                        Items = new[]
                        {
                            "DateOfBirth",
                        },
                    },
                },
            },
        },
    });

});

package main

import (
	"os"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := cloudfront.NewPublicKey(ctx, "example", &cloudfront.PublicKeyArgs{
			Comment:    pulumi.String("test public key"),
			EncodedKey: readFileOrPanic("public_key.pem"),
		})
		if err != nil {
			return err
		}
		_, err = cloudfront.NewFieldLevelEncryptionProfile(ctx, "test", &cloudfront.FieldLevelEncryptionProfileArgs{
			Comment: pulumi.String("test comment"),
			EncryptionEntities: &cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesArgs{
				Items: cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArray{
					&cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs{
						PublicKeyId: example.ID(),
						ProviderId:  pulumi.String("test provider"),
						FieldPatterns: &cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs{
							Items: pulumi.StringArray{
								pulumi.String("DateOfBirth"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.PublicKey;
import com.pulumi.aws.cloudfront.PublicKeyArgs;
import com.pulumi.aws.cloudfront.FieldLevelEncryptionProfile;
import com.pulumi.aws.cloudfront.FieldLevelEncryptionProfileArgs;
import com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new PublicKey("example", PublicKeyArgs.builder()        
            .comment("test public key")
            .encodedKey(Files.readString(Paths.get("public_key.pem")))
            .build());

        var test = new FieldLevelEncryptionProfile("test", FieldLevelEncryptionProfileArgs.builder()        
            .comment("test comment")
            .encryptionEntities(FieldLevelEncryptionProfileEncryptionEntitiesArgs.builder()
                .items(FieldLevelEncryptionProfileEncryptionEntitiesItemArgs.builder()
                    .publicKeyId(example.id())
                    .providerId("test provider")
                    .fieldPatterns(FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs.builder()
                        .items("DateOfBirth")
                        .build())
                    .build())
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.PublicKey("example",
    comment="test public key",
    encoded_key=(lambda path: open(path).read())("public_key.pem"))
test = aws.cloudfront.FieldLevelEncryptionProfile("test",
    comment="test comment",
    encryption_entities=aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesArgs(
        items=[aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs(
            public_key_id=example.id,
            provider_id="test provider",
            field_patterns=aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs(
                items=["DateOfBirth"],
            ),
        )],
    ))

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";

const example = new aws.cloudfront.PublicKey("example", {
    comment: "test public key",
    encodedKey: fs.readFileSync("public_key.pem"),
});
const test = new aws.cloudfront.FieldLevelEncryptionProfile("test", {
    comment: "test comment",
    encryptionEntities: {
        items: [{
            publicKeyId: example.id,
            providerId: "test provider",
            fieldPatterns: {
                items: ["DateOfBirth"],
            },
        }],
    },
});

resources:
  example:
    type: aws:cloudfront:PublicKey
    properties:
      comment: test public key
      encodedKey:
        fn::readFile: public_key.pem
  test:
    type: aws:cloudfront:FieldLevelEncryptionProfile
    properties:
      comment: test comment
      encryptionEntities:
        items:
          - publicKeyId: ${example.id}
            providerId: test provider
            fieldPatterns:
              items:
                - DateOfBirth

Create FieldLevelEncryptionProfile Resource

new FieldLevelEncryptionProfile(name: string, args: FieldLevelEncryptionProfileArgs, opts?: CustomResourceOptions);

@overload
def FieldLevelEncryptionProfile(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                comment: Optional[str] = None,
                                encryption_entities: Optional[FieldLevelEncryptionProfileEncryptionEntitiesArgs] = None,
                                name: Optional[str] = None)
@overload
def FieldLevelEncryptionProfile(resource_name: str,
                                args: FieldLevelEncryptionProfileArgs,
                                opts: Optional[ResourceOptions] = None)

func NewFieldLevelEncryptionProfile(ctx *Context, name string, args FieldLevelEncryptionProfileArgs, opts ...ResourceOption) (*FieldLevelEncryptionProfile, error)

public FieldLevelEncryptionProfile(string name, FieldLevelEncryptionProfileArgs args, CustomResourceOptions? opts = null)

public FieldLevelEncryptionProfile(String name, FieldLevelEncryptionProfileArgs args)
public FieldLevelEncryptionProfile(String name, FieldLevelEncryptionProfileArgs args, CustomResourceOptions options)

type: aws:cloudfront:FieldLevelEncryptionProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FieldLevelEncryptionProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FieldLevelEncryptionProfileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FieldLevelEncryptionProfileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FieldLevelEncryptionProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FieldLevelEncryptionProfileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

FieldLevelEncryptionProfile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FieldLevelEncryptionProfile resource accepts the following input properties:

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
Comment string: An optional comment about the Field Level Encryption Profile.
Name string: The name of the Field Level Encryption Profile.

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
Comment string: An optional comment about the Field Level Encryption Profile.
Name string: The name of the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
comment String: An optional comment about the Field Level Encryption Profile.
name String: The name of the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
comment string: An optional comment about the Field Level Encryption Profile.
name string: The name of the Field Level Encryption Profile.

encryption_entities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
comment str: An optional comment about the Field Level Encryption Profile.
name str: The name of the Field Level Encryption Profile.

encryptionEntities Property Map: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
comment String: An optional comment about the Field Level Encryption Profile.
name String: The name of the Field Level Encryption Profile.

Outputs

All input properties are implicitly available as output properties. Additionally, the FieldLevelEncryptionProfile resource produces the following output properties:

CallerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
Etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
Id string: The provider-assigned unique ID for this managed resource.

CallerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
Etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
Id string: The provider-assigned unique ID for this managed resource.

callerReference String: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
etag String: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
id String: The provider-assigned unique ID for this managed resource.

callerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
id string: The provider-assigned unique ID for this managed resource.

caller_reference str: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
etag str: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
id str: The provider-assigned unique ID for this managed resource.

callerReference String: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
etag String: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
id String: The provider-assigned unique ID for this managed resource.

Look up Existing FieldLevelEncryptionProfile Resource

Get an existing FieldLevelEncryptionProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FieldLevelEncryptionProfileState, opts?: CustomResourceOptions): FieldLevelEncryptionProfile

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        caller_reference: Optional[str] = None,
        comment: Optional[str] = None,
        encryption_entities: Optional[FieldLevelEncryptionProfileEncryptionEntitiesArgs] = None,
        etag: Optional[str] = None,
        name: Optional[str] = None) -> FieldLevelEncryptionProfile

func GetFieldLevelEncryptionProfile(ctx *Context, name string, id IDInput, state *FieldLevelEncryptionProfileState, opts ...ResourceOption) (*FieldLevelEncryptionProfile, error)

public static FieldLevelEncryptionProfile Get(string name, Input<string> id, FieldLevelEncryptionProfileState? state, CustomResourceOptions? opts = null)

public static FieldLevelEncryptionProfile get(String name, Output<String> id, FieldLevelEncryptionProfileState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CallerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
Comment string: An optional comment about the Field Level Encryption Profile.
EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
Etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
Name string: The name of the Field Level Encryption Profile.

CallerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
Comment string: An optional comment about the Field Level Encryption Profile.
EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
Etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
Name string: The name of the Field Level Encryption Profile.

callerReference String: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
comment String: An optional comment about the Field Level Encryption Profile.
encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
etag String: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
name String: The name of the Field Level Encryption Profile.

callerReference string: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
comment string: An optional comment about the Field Level Encryption Profile.
encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
etag string: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
name string: The name of the Field Level Encryption Profile.

caller_reference str: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
comment str: An optional comment about the Field Level Encryption Profile.
encryption_entities FieldLevelEncryptionProfileEncryptionEntitiesArgs: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
etag str: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
name str: The name of the Field Level Encryption Profile.

callerReference String: Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.
comment String: An optional comment about the Field Level Encryption Profile.
encryptionEntities Property Map: The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.
etag String: The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.
name String: The name of the Field Level Encryption Profile.

Supporting Types

FieldLevelEncryptionProfileEncryptionEntities

Items List<FieldLevelEncryptionProfileEncryptionEntitiesItem>

Items []FieldLevelEncryptionProfileEncryptionEntitiesItem

items List<FieldLevelEncryptionProfileEncryptionEntitiesItem>

items FieldLevelEncryptionProfileEncryptionEntitiesItem[]

items Sequence[FieldLevelEncryptionProfileEncryptionEntitiesItem]

items List<Property Map>

FieldLevelEncryptionProfileEncryptionEntitiesItem

FieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
ProviderId string: The provider associated with the public key being used for encryption.
PublicKeyId string: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

FieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
ProviderId string: The provider associated with the public key being used for encryption.
PublicKeyId string: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
providerId String: The provider associated with the public key being used for encryption.
publicKeyId String: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
providerId string: The provider associated with the public key being used for encryption.
publicKeyId string: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

field_patterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
provider_id str: The provider associated with the public key being used for encryption.
public_key_id str: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns Property Map: Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
providerId String: The provider associated with the public key being used for encryption.
publicKeyId String: The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

Import

Cloudfront Field Level Encryption Profile can be imported using the id, e.g.

 $ pulumi import aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile profile K3D5EWEUDCCXON

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.