Docs
Packages
AWS Classic v5.41.0, May 15 23
AWS Classic v5.41.0, May 15 23
aws.securityhub.OrganizationAdminAccount
Explore with Pulumi AI
Manages a Security Hub administrator account for an organization. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Security Hub can be found in the Security Hub User Guide.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleOrganization = new Aws.Organizations.Organization("exampleOrganization", new()
{
AwsServiceAccessPrincipals = new[]
{
"securityhub.amazonaws.com",
},
FeatureSet = "ALL",
});
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount("exampleOrganizationAdminAccount", new()
{
AdminAccountId = "123456789012",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleOrganization,
},
});
// Auto enable security hub in organization member accounts
var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration("exampleOrganizationConfiguration", new()
{
AutoEnable = true,
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/organizations"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleOrganization, err := organizations.NewOrganization(ctx, "exampleOrganization", &organizations.OrganizationArgs{
AwsServiceAccessPrincipals: pulumi.StringArray{
pulumi.String("securityhub.amazonaws.com"),
},
FeatureSet: pulumi.String("ALL"),
})
if err != nil {
return err
}
_, err = securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewOrganizationAdminAccount(ctx, "exampleOrganizationAdminAccount", &securityhub.OrganizationAdminAccountArgs{
AdminAccountId: pulumi.String("123456789012"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleOrganization,
}))
if err != nil {
return err
}
_, err = securityhub.NewOrganizationConfiguration(ctx, "exampleOrganizationConfiguration", &securityhub.OrganizationConfigurationArgs{
AutoEnable: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.organizations.Organization;
import com.pulumi.aws.organizations.OrganizationArgs;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.OrganizationAdminAccount;
import com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;
import com.pulumi.aws.securityhub.OrganizationConfiguration;
import com.pulumi.aws.securityhub.OrganizationConfigurationArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder()
.awsServiceAccessPrincipals("securityhub.amazonaws.com")
.featureSet("ALL")
.build());
var exampleAccount = new Account("exampleAccount");
var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder()
.adminAccountId("123456789012")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleOrganization)
.build());
var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder()
.autoEnable(true)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_organization = aws.organizations.Organization("exampleOrganization",
aws_service_access_principals=["securityhub.amazonaws.com"],
feature_set="ALL")
example_account = aws.securityhub.Account("exampleAccount")
example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("exampleOrganizationAdminAccount", admin_account_id="123456789012",
opts=pulumi.ResourceOptions(depends_on=[example_organization]))
# Auto enable security hub in organization member accounts
example_organization_configuration = aws.securityhub.OrganizationConfiguration("exampleOrganizationConfiguration", auto_enable=True)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleOrganization = new aws.organizations.Organization("exampleOrganization", {
awsServiceAccessPrincipals: ["securityhub.amazonaws.com"],
featureSet: "ALL",
});
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount("exampleOrganizationAdminAccount", {adminAccountId: "123456789012"}, {
dependsOn: [exampleOrganization],
});
// Auto enable security hub in organization member accounts
const exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration("exampleOrganizationConfiguration", {autoEnable: true});
resources:
exampleOrganization:
type: aws:organizations:Organization
properties:
awsServiceAccessPrincipals:
- securityhub.amazonaws.com
featureSet: ALL
exampleAccount:
type: aws:securityhub:Account
exampleOrganizationAdminAccount:
type: aws:securityhub:OrganizationAdminAccount
properties:
adminAccountId: '123456789012'
options:
dependson:
- ${exampleOrganization}
# Auto enable security hub in organization member accounts
exampleOrganizationConfiguration:
type: aws:securityhub:OrganizationConfiguration
properties:
autoEnable: true
Create OrganizationAdminAccount Resource
new OrganizationAdminAccount(name: string, args: OrganizationAdminAccountArgs, opts?: CustomResourceOptions);@overload
def OrganizationAdminAccount(resource_name: str,
opts: Optional[ResourceOptions] = None,
admin_account_id: Optional[str] = None)
@overload
def OrganizationAdminAccount(resource_name: str,
args: OrganizationAdminAccountArgs,
opts: Optional[ResourceOptions] = None)func NewOrganizationAdminAccount(ctx *Context, name string, args OrganizationAdminAccountArgs, opts ...ResourceOption) (*OrganizationAdminAccount, error)public OrganizationAdminAccount(string name, OrganizationAdminAccountArgs args, CustomResourceOptions? opts = null)
public OrganizationAdminAccount(String name, OrganizationAdminAccountArgs args)
public OrganizationAdminAccount(String name, OrganizationAdminAccountArgs args, CustomResourceOptions options)
type: aws:securityhub:OrganizationAdminAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OrganizationAdminAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OrganizationAdminAccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OrganizationAdminAccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OrganizationAdminAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OrganizationAdminAccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
OrganizationAdminAccount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The OrganizationAdminAccount resource accepts the following input properties:
- Admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- Admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account StringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin_
account_ strid The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account StringId The AWS account identifier of the account to designate as the Security Hub administrator account.
Outputs
All input properties are implicitly available as output properties. Additionally, the OrganizationAdminAccount resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing OrganizationAdminAccount Resource
Get an existing OrganizationAdminAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OrganizationAdminAccountState, opts?: CustomResourceOptions): OrganizationAdminAccount@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
admin_account_id: Optional[str] = None) -> OrganizationAdminAccountfunc GetOrganizationAdminAccount(ctx *Context, name string, id IDInput, state *OrganizationAdminAccountState, opts ...ResourceOption) (*OrganizationAdminAccount, error)public static OrganizationAdminAccount Get(string name, Input<string> id, OrganizationAdminAccountState? state, CustomResourceOptions? opts = null)public static OrganizationAdminAccount get(String name, Output<String> id, OrganizationAdminAccountState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- Admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account StringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account stringId The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin_
account_ strid The AWS account identifier of the account to designate as the Security Hub administrator account.
- admin
Account StringId The AWS account identifier of the account to designate as the Security Hub administrator account.
Import
Security Hub Organization Admin Accounts can be imported using the AWS account ID, e.g.,
$ pulumi import aws:securityhub/organizationAdminAccount:OrganizationAdminAccount example 123456789012
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.