AWS Classic

v4.30.0 published on Tuesday, Nov 30, 2021 by Pulumi

getBillingServiceAccount

Use this data source to get the Account ID of the AWS Billing and Cost Management Service Account for the purpose of permitting in S3 bucket policy.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var main = Output.Create(Aws.GetBillingServiceAccount.InvokeAsync());
        var billingLogs = new Aws.S3.Bucket("billingLogs", new Aws.S3.BucketArgs
        {
            Acl = "private",
            Policy = Output.Tuple(main, main).Apply(values =>
            {
                var main = values.Item1;
                var main1 = values.Item2;
                return @$"{{
  ""Id"": ""Policy"",
  ""Version"": ""2012-10-17"",
  ""Statement"": [
    {{
      ""Action"": [
        ""s3:GetBucketAcl"", ""s3:GetBucketPolicy""
      ],
      ""Effect"": ""Allow"",
      ""Resource"": ""arn:aws:s3:::my-billing-tf-test-bucket"",
      ""Principal"": {{
        ""AWS"": [
          ""{main.Arn}""
        ]
      }}
    }},
    {{
      ""Action"": [
        ""s3:PutObject""
      ],
      ""Effect"": ""Allow"",
      ""Resource"": ""arn:aws:s3:::my-billing-tf-test-bucket/*"",
      ""Principal"": {{
        ""AWS"": [
          ""{main1.Arn}""
        ]
      }}
    }}
  ]
}}

";
            }),
        });
    }

}
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		main, err := aws.GetBillingServiceAccount(ctx, nil, nil)
		if err != nil {
			return err
		}
		_, err = s3.NewBucket(ctx, "billingLogs", &s3.BucketArgs{
			Acl:    pulumi.String("private"),
			Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Id\": \"Policy\",\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"s3:GetBucketAcl\", \"s3:GetBucketPolicy\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket\",\n", "      \"Principal\": {\n", "        \"AWS\": [\n", "          \"", main.Arn, "\"\n", "        ]\n", "      }\n", "    },\n", "    {\n", "      \"Action\": [\n", "        \"s3:PutObject\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"arn:aws:s3:::my-billing-tf-test-bucket/*\",\n", "      \"Principal\": {\n", "        \"AWS\": [\n", "          \"", main.Arn, "\"\n", "        ]\n", "      }\n", "    }\n", "  ]\n", "}\n", "\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

main = aws.get_billing_service_account()
billing_logs = aws.s3.Bucket("billingLogs",
    acl="private",
    policy=f"""{{
  "Id": "Policy",
  "Version": "2012-10-17",
  "Statement": [
    {{
      "Action": [
        "s3:GetBucketAcl", "s3:GetBucketPolicy"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
      "Principal": {{
        "AWS": [
          "{main.arn}"
        ]
      }}
    }},
    {{
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
      "Principal": {{
        "AWS": [
          "{main.arn}"
        ]
      }}
    }}
  ]
}}

""")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = pulumi.output(aws.getBillingServiceAccount());
const billingLogs = new aws.s3.Bucket("billing_logs", {
    acl: "private",
    policy: pulumi.interpolate`{
  "Id": "Policy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:GetBucketAcl", "s3:GetBucketPolicy"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
      "Principal": {
        "AWS": [
          "${main.arn}"
        ]
      }
    },
    {
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
      "Principal": {
        "AWS": [
          "${main.arn}"
        ]
      }
    }
  ]
}
`,
});

Using getBillingServiceAccount

function getBillingServiceAccount(opts?: InvokeOptions): Promise<GetBillingServiceAccountResult>
def get_billing_service_account(opts: Optional[InvokeOptions] = None) -> GetBillingServiceAccountResult
func GetBillingServiceAccount(ctx *Context, opts ...InvokeOption) (*GetBillingServiceAccountResult, error)

> Note: This function is named GetBillingServiceAccount in the Go SDK.

public static class GetBillingServiceAccount 
{
    public static Task<GetBillingServiceAccountResult> InvokeAsync(InvokeOptions? opts = null)
}

getBillingServiceAccount Result

The following output properties are available:

Arn string
The ARN of the AWS billing service account.
Id string
The provider-assigned unique ID for this managed resource.
Arn string
The ARN of the AWS billing service account.
Id string
The provider-assigned unique ID for this managed resource.
arn string
The ARN of the AWS billing service account.
id string
The provider-assigned unique ID for this managed resource.
arn str
The ARN of the AWS billing service account.
id str
The provider-assigned unique ID for this managed resource.

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes
This Pulumi package is based on the aws Terraform Provider.