aws logo
AWS Classic v5.41.0, May 15 23

aws.cloudfront.FieldLevelEncryptionProfile

Explore with Pulumi AI

Provides a CloudFront Field-level Encryption Profile resource.

Example Usage

using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudFront.PublicKey("example", new()
    {
        Comment = "test public key",
        EncodedKey = File.ReadAllText("public_key.pem"),
    });

    var test = new Aws.CloudFront.FieldLevelEncryptionProfile("test", new()
    {
        Comment = "test comment",
        EncryptionEntities = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs
                {
                    PublicKeyId = example.Id,
                    ProviderId = "test provider",
                    FieldPatterns = new Aws.CloudFront.Inputs.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs
                    {
                        Items = new[]
                        {
                            "DateOfBirth",
                        },
                    },
                },
            },
        },
    });

});
package main

import (
	"os"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := cloudfront.NewPublicKey(ctx, "example", &cloudfront.PublicKeyArgs{
			Comment:    pulumi.String("test public key"),
			EncodedKey: readFileOrPanic("public_key.pem"),
		})
		if err != nil {
			return err
		}
		_, err = cloudfront.NewFieldLevelEncryptionProfile(ctx, "test", &cloudfront.FieldLevelEncryptionProfileArgs{
			Comment: pulumi.String("test comment"),
			EncryptionEntities: &cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesArgs{
				Items: cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArray{
					&cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs{
						PublicKeyId: example.ID(),
						ProviderId:  pulumi.String("test provider"),
						FieldPatterns: &cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs{
							Items: pulumi.StringArray{
								pulumi.String("DateOfBirth"),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.PublicKey;
import com.pulumi.aws.cloudfront.PublicKeyArgs;
import com.pulumi.aws.cloudfront.FieldLevelEncryptionProfile;
import com.pulumi.aws.cloudfront.FieldLevelEncryptionProfileArgs;
import com.pulumi.aws.cloudfront.inputs.FieldLevelEncryptionProfileEncryptionEntitiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new PublicKey("example", PublicKeyArgs.builder()        
            .comment("test public key")
            .encodedKey(Files.readString(Paths.get("public_key.pem")))
            .build());

        var test = new FieldLevelEncryptionProfile("test", FieldLevelEncryptionProfileArgs.builder()        
            .comment("test comment")
            .encryptionEntities(FieldLevelEncryptionProfileEncryptionEntitiesArgs.builder()
                .items(FieldLevelEncryptionProfileEncryptionEntitiesItemArgs.builder()
                    .publicKeyId(example.id())
                    .providerId("test provider")
                    .fieldPatterns(FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs.builder()
                        .items("DateOfBirth")
                        .build())
                    .build())
                .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example = aws.cloudfront.PublicKey("example",
    comment="test public key",
    encoded_key=(lambda path: open(path).read())("public_key.pem"))
test = aws.cloudfront.FieldLevelEncryptionProfile("test",
    comment="test comment",
    encryption_entities=aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesArgs(
        items=[aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemArgs(
            public_key_id=example.id,
            provider_id="test provider",
            field_patterns=aws.cloudfront.FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatternsArgs(
                items=["DateOfBirth"],
            ),
        )],
    ))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";

const example = new aws.cloudfront.PublicKey("example", {
    comment: "test public key",
    encodedKey: fs.readFileSync("public_key.pem"),
});
const test = new aws.cloudfront.FieldLevelEncryptionProfile("test", {
    comment: "test comment",
    encryptionEntities: {
        items: [{
            publicKeyId: example.id,
            providerId: "test provider",
            fieldPatterns: {
                items: ["DateOfBirth"],
            },
        }],
    },
});
resources:
  example:
    type: aws:cloudfront:PublicKey
    properties:
      comment: test public key
      encodedKey:
        fn::readFile: public_key.pem
  test:
    type: aws:cloudfront:FieldLevelEncryptionProfile
    properties:
      comment: test comment
      encryptionEntities:
        items:
          - publicKeyId: ${example.id}
            providerId: test provider
            fieldPatterns:
              items:
                - DateOfBirth

Create FieldLevelEncryptionProfile Resource

new FieldLevelEncryptionProfile(name: string, args: FieldLevelEncryptionProfileArgs, opts?: CustomResourceOptions);
@overload
def FieldLevelEncryptionProfile(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                comment: Optional[str] = None,
                                encryption_entities: Optional[FieldLevelEncryptionProfileEncryptionEntitiesArgs] = None,
                                name: Optional[str] = None)
@overload
def FieldLevelEncryptionProfile(resource_name: str,
                                args: FieldLevelEncryptionProfileArgs,
                                opts: Optional[ResourceOptions] = None)
func NewFieldLevelEncryptionProfile(ctx *Context, name string, args FieldLevelEncryptionProfileArgs, opts ...ResourceOption) (*FieldLevelEncryptionProfile, error)
public FieldLevelEncryptionProfile(string name, FieldLevelEncryptionProfileArgs args, CustomResourceOptions? opts = null)
public FieldLevelEncryptionProfile(String name, FieldLevelEncryptionProfileArgs args)
public FieldLevelEncryptionProfile(String name, FieldLevelEncryptionProfileArgs args, CustomResourceOptions options)
type: aws:cloudfront:FieldLevelEncryptionProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args FieldLevelEncryptionProfileArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args FieldLevelEncryptionProfileArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args FieldLevelEncryptionProfileArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args FieldLevelEncryptionProfileArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args FieldLevelEncryptionProfileArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

FieldLevelEncryptionProfile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FieldLevelEncryptionProfile resource accepts the following input properties:

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

Comment string

An optional comment about the Field Level Encryption Profile.

Name string

The name of the Field Level Encryption Profile.

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

Comment string

An optional comment about the Field Level Encryption Profile.

Name string

The name of the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

comment String

An optional comment about the Field Level Encryption Profile.

name String

The name of the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

comment string

An optional comment about the Field Level Encryption Profile.

name string

The name of the Field Level Encryption Profile.

encryption_entities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

comment str

An optional comment about the Field Level Encryption Profile.

name str

The name of the Field Level Encryption Profile.

encryptionEntities Property Map

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

comment String

An optional comment about the Field Level Encryption Profile.

name String

The name of the Field Level Encryption Profile.

Outputs

All input properties are implicitly available as output properties. Additionally, the FieldLevelEncryptionProfile resource produces the following output properties:

CallerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

Etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

Id string

The provider-assigned unique ID for this managed resource.

CallerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

Etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

Id string

The provider-assigned unique ID for this managed resource.

callerReference String

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

etag String

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

id String

The provider-assigned unique ID for this managed resource.

callerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

id string

The provider-assigned unique ID for this managed resource.

caller_reference str

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

etag str

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

id str

The provider-assigned unique ID for this managed resource.

callerReference String

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

etag String

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing FieldLevelEncryptionProfile Resource

Get an existing FieldLevelEncryptionProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FieldLevelEncryptionProfileState, opts?: CustomResourceOptions): FieldLevelEncryptionProfile
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        caller_reference: Optional[str] = None,
        comment: Optional[str] = None,
        encryption_entities: Optional[FieldLevelEncryptionProfileEncryptionEntitiesArgs] = None,
        etag: Optional[str] = None,
        name: Optional[str] = None) -> FieldLevelEncryptionProfile
func GetFieldLevelEncryptionProfile(ctx *Context, name string, id IDInput, state *FieldLevelEncryptionProfileState, opts ...ResourceOption) (*FieldLevelEncryptionProfile, error)
public static FieldLevelEncryptionProfile Get(string name, Input<string> id, FieldLevelEncryptionProfileState? state, CustomResourceOptions? opts = null)
public static FieldLevelEncryptionProfile get(String name, Output<String> id, FieldLevelEncryptionProfileState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
CallerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

Comment string

An optional comment about the Field Level Encryption Profile.

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

Etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

Name string

The name of the Field Level Encryption Profile.

CallerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

Comment string

An optional comment about the Field Level Encryption Profile.

EncryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

Etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

Name string

The name of the Field Level Encryption Profile.

callerReference String

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

comment String

An optional comment about the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

etag String

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

name String

The name of the Field Level Encryption Profile.

callerReference string

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

comment string

An optional comment about the Field Level Encryption Profile.

encryptionEntities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

etag string

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

name string

The name of the Field Level Encryption Profile.

caller_reference str

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

comment str

An optional comment about the Field Level Encryption Profile.

encryption_entities FieldLevelEncryptionProfileEncryptionEntitiesArgs

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

etag str

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

name str

The name of the Field Level Encryption Profile.

callerReference String

Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.

comment String

An optional comment about the Field Level Encryption Profile.

encryptionEntities Property Map

The encryption entities config block for field-level encryption profiles that contains an attribute items which includes the encryption key and field pattern specifications.

etag String

The current version of the Field Level Encryption Profile. For example: E2QWRUHAPOMQZL.

name String

The name of the Field Level Encryption Profile.

Supporting Types

FieldLevelEncryptionProfileEncryptionEntities

FieldLevelEncryptionProfileEncryptionEntitiesItem

FieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

ProviderId string

The provider associated with the public key being used for encryption.

PublicKeyId string

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

FieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

ProviderId string

The provider associated with the public key being used for encryption.

PublicKeyId string

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

providerId String

The provider associated with the public key being used for encryption.

publicKeyId String

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

providerId string

The provider associated with the public key being used for encryption.

publicKeyId string

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

field_patterns FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

provider_id str

The provider associated with the public key being used for encryption.

public_key_id str

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

fieldPatterns Property Map

Object that contains an attribute items that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.

providerId String

The provider associated with the public key being used for encryption.

publicKeyId String

The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns

Items List<string>
Items []string
items List<String>
items string[]
items Sequence[str]
items List<String>

Import

Cloudfront Field Level Encryption Profile can be imported using the id, e.g.

 $ pulumi import aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile profile K3D5EWEUDCCXON

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.