AWS Classic
Pulumi Official
Package maintained by Pulumiv5.9.1 published on Tuesday, Jun 21, 2022 by Pulumi
getBillingServiceAccount
Use this data source to get the Account ID of the AWS Billing and Cost Management Service Account for the purpose of permitting in S3 bucket policy.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var main = Output.Create(Aws.GetBillingServiceAccount.InvokeAsync());
var billingLogs = new Aws.S3.BucketV2("billingLogs", new Aws.S3.BucketV2Args
{
});
var billingLogsAcl = new Aws.S3.BucketAclV2("billingLogsAcl", new Aws.S3.BucketAclV2Args
{
Bucket = billingLogs.Id,
Acl = "private",
});
var allowBillingLogging = new Aws.S3.BucketPolicy("allowBillingLogging", new Aws.S3.BucketPolicyArgs
{
Bucket = billingLogs.Id,
Policy = Output.Tuple(main, main).Apply(values =>
{
var main = values.Item1;
var main1 = values.Item2;
return @$"{{
""Id"": ""Policy"",
""Version"": ""2012-10-17"",
""Statement"": [
{{
""Action"": [
""s3:GetBucketAcl"", ""s3:GetBucketPolicy""
],
""Effect"": ""Allow"",
""Resource"": ""arn:aws:s3:::my-billing-tf-test-bucket"",
""Principal"": {{
""AWS"": [
""{main.Arn}""
]
}}
}},
{{
""Action"": [
""s3:PutObject""
],
""Effect"": ""Allow"",
""Resource"": ""arn:aws:s3:::my-billing-tf-test-bucket/*"",
""Principal"": {{
""AWS"": [
""{main1.Arn}""
]
}}
}}
]
}}
";
}),
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
main, err := aws.GetBillingServiceAccount(ctx, nil, nil)
if err != nil {
return err
}
billingLogs, err := s3.NewBucketV2(ctx, "billingLogs", nil)
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "billingLogsAcl", &s3.BucketAclV2Args{
Bucket: billingLogs.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
_, err = s3.NewBucketPolicy(ctx, "allowBillingLogging", &s3.BucketPolicyArgs{
Bucket: billingLogs.ID(),
Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Id\": \"Policy\",\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"s3:GetBucketAcl\", \"s3:GetBucketPolicy\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket\",\n", " \"Principal\": {\n", " \"AWS\": [\n", " \"", main.Arn, "\"\n", " ]\n", " }\n", " },\n", " {\n", " \"Action\": [\n", " \"s3:PutObject\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket/*\",\n", " \"Principal\": {\n", " \"AWS\": [\n", " \"", main.Arn, "\"\n", " ]\n", " }\n", " }\n", " ]\n", "}\n")),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var main = Output.of(AwsFunctions.getBillingServiceAccount());
var billingLogs = new BucketV2("billingLogs");
var billingLogsAcl = new BucketAclV2("billingLogsAcl", BucketAclV2Args.builder()
.bucket(billingLogs.id())
.acl("private")
.build());
var allowBillingLogging = new BucketPolicy("allowBillingLogging", BucketPolicyArgs.builder()
.bucket(billingLogs.id())
.policy("""
{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetBucketAcl", "s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
"Principal": {
"AWS": [
"%s"
]
}
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
"Principal": {
"AWS": [
"%s"
]
}
}
]
}
", main.apply(getBillingServiceAccountResult -> getBillingServiceAccountResult.arn()),main.apply(getBillingServiceAccountResult -> getBillingServiceAccountResult.arn())))
.build());
}
}
import pulumi
import pulumi_aws as aws
main = aws.get_billing_service_account()
billing_logs = aws.s3.BucketV2("billingLogs")
billing_logs_acl = aws.s3.BucketAclV2("billingLogsAcl",
bucket=billing_logs.id,
acl="private")
allow_billing_logging = aws.s3.BucketPolicy("allowBillingLogging",
bucket=billing_logs.id,
policy=f"""{{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{{
"Action": [
"s3:GetBucketAcl", "s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
"Principal": {{
"AWS": [
"{main.arn}"
]
}}
}},
{{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
"Principal": {{
"AWS": [
"{main.arn}"
]
}}
}}
]
}}
""")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const main = aws.getBillingServiceAccount({});
const billingLogs = new aws.s3.BucketV2("billingLogs", {});
const billingLogsAcl = new aws.s3.BucketAclV2("billingLogsAcl", {
bucket: billingLogs.id,
acl: "private",
});
const allowBillingLogging = new aws.s3.BucketPolicy("allowBillingLogging", {
bucket: billingLogs.id,
policy: Promise.all([main, main]).then(([main, main1]) => `{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetBucketAcl", "s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
"Principal": {
"AWS": [
"${main.arn}"
]
}
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
"Principal": {
"AWS": [
"${main1.arn}"
]
}
}
]
}
`),
});
resources:
billingLogs:
type: aws:s3:BucketV2
billingLogsAcl:
type: aws:s3:BucketAclV2
properties:
bucket: ${billingLogs.id}
acl: private
allowBillingLogging:
type: aws:s3:BucketPolicy
properties:
bucket: ${billingLogs.id}
policy: |
{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetBucketAcl", "s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
"Principal": {
"AWS": [
"${main.arn}"
]
}
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
"Principal": {
"AWS": [
"${main.arn}"
]
}
}
]
}
variables:
main:
Fn::Invoke:
Function: aws:getBillingServiceAccount
Arguments: {}
Using getBillingServiceAccount
function getBillingServiceAccount(opts?: InvokeOptions): Promise<GetBillingServiceAccountResult>def get_billing_service_account(opts: Optional[InvokeOptions] = None) -> GetBillingServiceAccountResultfunc GetBillingServiceAccount(ctx *Context, opts ...InvokeOption) (*GetBillingServiceAccountResult, error)> Note: This function is named GetBillingServiceAccount in the Go SDK.
public static class GetBillingServiceAccount
{
public static Task<GetBillingServiceAccountResult> InvokeAsync(InvokeOptions? opts = null)
}public static CompletableFuture<GetBillingServiceAccountResult> getBillingServiceAccount(InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
Function: aws:index/getBillingServiceAccount:getBillingServiceAccount
Arguments:
# Arguments dictionarygetBillingServiceAccount Result
The following output properties are available:
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.