lacework 2.0.6 published on Monday, Apr 14, 2025 by lacework

lacework.IntegrationAwsCt


    Use this resource to configure an AWS CloudTrail integration to analyze CloudTrail activity for monitoring cloud account security.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as lacework from "@pulumi/lacework";
    
    // Role ARN and external ID handed to the integration. The external ID is expected to
    // match the sts:ExternalId condition in the role's trust policy; "12345" is a sample value.
    const credentials = {
        roleArn: "arn:aws:iam::1234567890:role/lacework_iam_example_role",
        externalId: "12345",
    };
    const queueUrl = "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue";

    // Account-level AWS CloudTrail integration.
    const accountAbc = new lacework.IntegrationAwsCt("accountAbc", { credentials, queueUrl });
    
    import pulumi
    import pulumi_lacework as lacework
    
    # Role ARN and external ID handed to the integration. The external ID is expected to
    # match the sts:ExternalId condition in the role's trust policy; "12345" is a sample value.
    credentials = {
        "role_arn": "arn:aws:iam::1234567890:role/lacework_iam_example_role",
        "external_id": "12345",
    }

    # Account-level AWS CloudTrail integration.
    account_abc = lacework.IntegrationAwsCt(
        "accountAbc",
        queue_url="https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        credentials=credentials,
    )
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-terraform-provider/sdks/go/lacework/v2/lacework"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main registers a single account-level AWS CloudTrail integration.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// The external ID is expected to match the sts:ExternalId condition in the
    		// role's trust policy; "12345" is a sample value.
    		creds := &lacework.IntegrationAwsCtCredentialsArgs{
    			RoleArn:    pulumi.String("arn:aws:iam::1234567890:role/lacework_iam_example_role"),
    			ExternalId: pulumi.String("12345"),
    		}
    		_, err := lacework.NewIntegrationAwsCt(ctx, "accountAbc", &lacework.IntegrationAwsCtArgs{
    			Credentials: creds,
    			QueueUrl:    pulumi.String("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue"),
    		})
    		// err is nil on success, so it can be returned directly.
    		return err
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Lacework = Pulumi.Lacework;
    
    // Declares one account-level AWS CloudTrail integration for the stack.
    return await Deployment.RunAsync(() => 
    {
        // The external ID is expected to match the sts:ExternalId condition in the
        // role's trust policy; "12345" is a sample value.
        var credentials = new Lacework.Inputs.IntegrationAwsCtCredentialsArgs
        {
            RoleArn = "arn:aws:iam::1234567890:role/lacework_iam_example_role",
            ExternalId = "12345",
        };

        var accountAbc = new Lacework.IntegrationAwsCt("accountAbc", new()
        {
            Credentials = credentials,
            QueueUrl = "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        });
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.lacework.IntegrationAwsCt;
    import com.pulumi.lacework.IntegrationAwsCtArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtCredentialsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /** Pulumi program that declares one account-level AWS CloudTrail integration. */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /**
         * Declares the integration.
         *
         * @param ctx deployment context supplied by {@code Pulumi.run}
         */
        public static void stack(Context ctx) {
            // The external ID is expected to match the sts:ExternalId condition in the
            // role's trust policy; "12345" is a sample value.
            var credentials = IntegrationAwsCtCredentialsArgs.builder()
                .roleArn("arn:aws:iam::1234567890:role/lacework_iam_example_role")
                .externalId("12345")
                .build();

            var integrationArgs = IntegrationAwsCtArgs.builder()
                .credentials(credentials)
                .queueUrl("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue")
                .build();

            var accountAbc = new IntegrationAwsCt("accountAbc", integrationArgs);
        }
    }
    
    # Account-level AWS CloudTrail integration.
    resources:
      accountAbc:
        type: lacework:IntegrationAwsCt
        properties:
          credentials:
            # Sample value; expected to match the sts:ExternalId condition in the
            # role's trust policy.
            externalId: '12345'
            roleArn: arn:aws:iam::1234567890:role/lacework_iam_example_role
          # The SQS queue URL for the integration.
          queueUrl: https://sqs.us-west-2.amazonaws.com/123456789012/my_queue
    

    Organization Level Integration

    If your Lacework account is enrolled in a Lacework organization, you can configure a consolidated AWS CloudTrail integration that maps CloudTrail activity from your AWS accounts to selected Lacework accounts within your organization.

    To access the organization-level data set and manage organization-level integrations, you need to define a Lacework provider with the organization argument set to true.

    The following snippet adds an AWS CloudTrail integration at the organization level of your Lacework account with the following distribution from AWS accounts to Lacework sub accounts:

    • AWS accounts 234556677 and 774564564 will appear in the Lacework account lw_account_2
    • AWS accounts 553453453 and 934534535 will appear in the Lacework account lw_account_3
    • All other AWS accounts that are not mapped will appear in the Lacework account lw_account_1
    import * as pulumi from "@pulumi/pulumi";
    import * as lacework from "@pulumi/lacework";
    
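    // Provider bound to the organization-level data set.
    const organization = new lacework.Provider("organization", {organization: true});

    // Consolidated CloudTrail integration. AWS accounts not listed under `mappings`
    // are attributed to `defaultLaceworkAccount`, so review the lists before applying.
    const consolidated = new lacework.IntegrationAwsCt("consolidated", {
        queueUrl: "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        credentials: {
            roleArn: "arn:aws:iam::1234567890:role/lacework_iam_example_role",
            // Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
            externalId: "12345",
        },
        orgAccountMappings: {
            defaultLaceworkAccount: "lw_account_1",
            mappings: [
                {
                    laceworkAccount: "lw_account_2",
                    awsAccounts: [
                        "234556677",
                        "774564564",
                    ],
                },
                {
                    laceworkAccount: "lw_account_3",
                    awsAccounts: [
                        "553453453",
                        "934534535",
                    ],
                },
            ],
        },
    }, {
        // Pass the Provider resource declared above. `lacework.organization` would be
        // looked up on the imported module instead of using that resource.
        provider: organization,
    });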
    
    import pulumi
    import pulumi_lacework as lacework
    
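    # Provider bound to the organization-level data set.
    organization = lacework.Provider("organization", organization=True)

    # Consolidated CloudTrail integration. AWS accounts not listed under "mappings"
    # are attributed to "default_lacework_account", so review the lists before applying.
    consolidated = lacework.IntegrationAwsCt("consolidated",
        queue_url="https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        credentials={
            "role_arn": "arn:aws:iam::1234567890:role/lacework_iam_example_role",
            # Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
            "external_id": "12345",
        },
        org_account_mappings={
            "default_lacework_account": "lw_account_1",
            "mappings": [
                {
                    "lacework_account": "lw_account_2",
                    "aws_accounts": [
                        "234556677",
                        "774564564",
                    ],
                },
                {
                    "lacework_account": "lw_account_3",
                    "aws_accounts": [
                        "553453453",
                        "934534535",
                    ],
                },
            ],
        },
        # Pass the Provider resource declared above; subscripting the imported
        # `lacework` module does not yield it.
        opts=pulumi.ResourceOptions(provider=organization))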
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-terraform-provider/sdks/go/lacework/v2/lacework"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
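    // main creates an organization-level Lacework provider and a consolidated
    // AWS CloudTrail integration that is registered through that provider.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Keep the provider handle so the integration below can be bound to it.
    		organization, err := lacework.NewProvider(ctx, "organization", &lacework.ProviderArgs{
    			Organization: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		// AWS accounts not listed under Mappings are attributed to
    		// DefaultLaceworkAccount, so review the lists before applying.
    		_, err = lacework.NewIntegrationAwsCt(ctx, "consolidated", &lacework.IntegrationAwsCtArgs{
    			QueueUrl: pulumi.String("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue"),
    			Credentials: &lacework.IntegrationAwsCtCredentialsArgs{
    				RoleArn: pulumi.String("arn:aws:iam::1234567890:role/lacework_iam_example_role"),
    				// Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
    				ExternalId: pulumi.String("12345"),
    			},
    			OrgAccountMappings: &lacework.IntegrationAwsCtOrgAccountMappingsArgs{
    				DefaultLaceworkAccount: pulumi.String("lw_account_1"),
    				Mappings: lacework.IntegrationAwsCtOrgAccountMappingsMappingArray{
    					&lacework.IntegrationAwsCtOrgAccountMappingsMappingArgs{
    						LaceworkAccount: pulumi.String("lw_account_2"),
    						AwsAccounts: pulumi.StringArray{
    							pulumi.String("234556677"),
    							pulumi.String("774564564"),
    						},
    					},
    					&lacework.IntegrationAwsCtOrgAccountMappingsMappingArgs{
    						LaceworkAccount: pulumi.String("lw_account_3"),
    						AwsAccounts: pulumi.StringArray{
    							pulumi.String("553453453"),
    							pulumi.String("934534535"),
    						},
    					},
    				},
    			},
    		}, pulumi.Provider(organization)) // the provider created above, not a package-level symbol
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }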
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Lacework = Pulumi.Lacework;
    
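    // Declares an organization-level Lacework provider and a consolidated
    // AWS CloudTrail integration that is registered through that provider.
    return await Deployment.RunAsync(() => 
    {
        var organization = new Lacework.Provider("organization", new()
        {
            Organization = true,
        });

        // AWS accounts not listed under Mappings are attributed to
        // DefaultLaceworkAccount, so review the lists before applying.
        var consolidated = new Lacework.IntegrationAwsCt("consolidated", new()
        {
            QueueUrl = "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
            Credentials = new Lacework.Inputs.IntegrationAwsCtCredentialsArgs
            {
                RoleArn = "arn:aws:iam::1234567890:role/lacework_iam_example_role",
                // Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
                ExternalId = "12345",
            },
            OrgAccountMappings = new Lacework.Inputs.IntegrationAwsCtOrgAccountMappingsArgs
            {
                DefaultLaceworkAccount = "lw_account_1",
                Mappings = new[]
                {
                    new Lacework.Inputs.IntegrationAwsCtOrgAccountMappingsMappingArgs
                    {
                        LaceworkAccount = "lw_account_2",
                        AwsAccounts = new[]
                        {
                            "234556677",
                            "774564564",
                        },
                    },
                    new Lacework.Inputs.IntegrationAwsCtOrgAccountMappingsMappingArgs
                    {
                        LaceworkAccount = "lw_account_3",
                        AwsAccounts = new[]
                        {
                            "553453453",
                            "934534535",
                        },
                    },
                },
            },
        }, new CustomResourceOptions
        {
            // Use the provider variable declared above; `lacework` is not a name in scope here.
            Provider = organization,
        });

    });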
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.lacework.IntegrationAwsCt;
    import com.pulumi.lacework.IntegrationAwsCtArgs;
    import com.pulumi.lacework.Provider;
    import com.pulumi.lacework.ProviderArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtCredentialsArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtOrgAccountMappingsArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtOrgAccountMappingsMappingArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    import java.util.ArrayList;
    import java.util.List;
    import java.util.Map;
    
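    /**
     * Pulumi program that declares an organization-level Lacework provider and a
     * consolidated AWS CloudTrail integration registered through that provider.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /**
         * Declares the provider and the consolidated integration.
         *
         * @param ctx deployment context supplied by {@code Pulumi.run}
         */
        public static void stack(Context ctx) {
            var organization = new Provider("organization", ProviderArgs.builder()
                .organization(true)
                .build());

            // AWS accounts not listed under mappings are attributed to
            // defaultLaceworkAccount, so review the lists before applying.
            var consolidated = new IntegrationAwsCt("consolidated", IntegrationAwsCtArgs.builder()
                .queueUrl("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue")
                .credentials(IntegrationAwsCtCredentialsArgs.builder()
                    .roleArn("arn:aws:iam::1234567890:role/lacework_iam_example_role")
                    // Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
                    .externalId("12345")
                    .build())
                .orgAccountMappings(IntegrationAwsCtOrgAccountMappingsArgs.builder()
                    .defaultLaceworkAccount("lw_account_1")
                    .mappings(
                        IntegrationAwsCtOrgAccountMappingsMappingArgs.builder()
                            .laceworkAccount("lw_account_2")
                            .awsAccounts(
                                "234556677",
                                "774564564")
                            .build(),
                        IntegrationAwsCtOrgAccountMappingsMappingArgs.builder()
                            .laceworkAccount("lw_account_3")
                            .awsAccounts(
                                "553453453",
                                "934534535")
                            .build())
                    .build())
                .build(), CustomResourceOptions.builder()
                    // Use the provider variable declared above; `lacework` is not a name in scope here.
                    .provider(organization)
                    .build());

        }
    }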
    
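    resources:
      # Provider bound to the organization-level data set.
      organization:
        type: pulumi:providers:lacework
        properties:
          organization: true
      consolidated:
        type: lacework:IntegrationAwsCt
        properties:
          queueUrl: https://sqs.us-west-2.amazonaws.com/123456789012/my_queue
          credentials:
            roleArn: arn:aws:iam::1234567890:role/lacework_iam_example_role
            # Sample value; expected to match the sts:ExternalId condition in the role's trust policy.
            externalId: '12345'
          # AWS accounts not listed under mappings are attributed to
          # defaultLaceworkAccount, so review the lists before applying.
          orgAccountMappings:
            defaultLaceworkAccount: lw_account_1
            mappings:
              - laceworkAccount: lw_account_2
                awsAccounts:
                  - '234556677'
                  - '774564564'
              - laceworkAccount: lw_account_3
                awsAccounts:
                  - '553453453'
                  - '934534535'
        options:
          # Reference the provider resource declared above by its name in this file.
          provider: ${organization}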
    

    Warning: When accessing organization-level data sets, the subaccount argument is ignored.

    Note: The mapping that you configure for an organization integration is in addition to what is already configured for the CloudTrail account integration. It doesn’t override the existing account integration.

    For more information, see Setup of Organization AWS CloudTrail Integration.

    Migrating an existing AWS CloudTrail integration to the Organization level

    When attempting to migrate an existing AWS CloudTrail integration from one of your Lacework accounts to the organization level so that you can use the org_account_mappings argument, you need to delete the integration, update the Lacework provider to access the organization level data set, and run pulumi up to create a new integration at the organization level.

    For example, given this Pulumi program:

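    resources:
      # Provider scoped to a single Lacework sub-account: the account-level starting point.
      primary:
        type: pulumi:providers:lacework
        properties:
          subaccount: my-company
      accountAbc:
        type: lacework:IntegrationAwsCt
        properties:
          queueUrl: https://sqs.us-west-2.amazonaws.com/123456789012/my_queue
          credentials:
            roleArn: arn:aws:iam::1234567890:role/lacework_iam_example_role
            externalId: '12345'
        # The provider is selected through resource options; `alias` is not one of
        # this resource's documented inputs.
        options:
          provider: ${primary}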
    

    To delete the existing AWS CloudTrail integration, you can either run the Lacework CLI command lacework integration delete <INT_GUID> or log in to the Lacework Console and navigate to Settings > Integrations > Cloud Accounts. Then update your Pulumi program to access the organization level data set:

    import * as pulumi from "@pulumi/pulumi";
    import * as lacework from "@pulumi/lacework";
    
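    // Same provider name as before, now bound to the organization-level data set.
    const primary = new lacework.Provider("primary", {organization: true});
    const accountAbc = new lacework.IntegrationAwsCt("accountAbc", {
        queueUrl: "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        credentials: {
            roleArn: "arn:aws:iam::1234567890:role/lacework_iam_example_role",
            externalId: "12345",
        },
        // Placeholder: fill in defaultLaceworkAccount and mappings for your organization.
        orgAccountMappings: {},
    }, {
        // Pass the Provider resource declared above. `lacework.primary` would be
        // looked up on the imported module instead of using that resource.
        provider: primary,
    });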
    
    import pulumi
    import pulumi_lacework as lacework
    
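    # Same provider name as before, now bound to the organization-level data set.
    primary = lacework.Provider("primary", organization=True)
    account_abc = lacework.IntegrationAwsCt("accountAbc",
        queue_url="https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
        credentials={
            "role_arn": "arn:aws:iam::1234567890:role/lacework_iam_example_role",
            "external_id": "12345",
        },
        # Placeholder: fill in default_lacework_account and mappings for your organization.
        org_account_mappings={},
        # Pass the Provider resource declared above; subscripting the imported
        # `lacework` module does not yield it.
        opts=pulumi.ResourceOptions(provider=primary))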
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-terraform-provider/sdks/go/lacework/v2/lacework"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
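    // main re-creates the integration through a provider that now targets the
    // organization-level data set.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Keep the provider handle so the integration below can be bound to it.
    		primary, err := lacework.NewProvider(ctx, "primary", &lacework.ProviderArgs{
    			Organization: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = lacework.NewIntegrationAwsCt(ctx, "accountAbc", &lacework.IntegrationAwsCtArgs{
    			QueueUrl: pulumi.String("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue"),
    			Credentials: &lacework.IntegrationAwsCtCredentialsArgs{
    				RoleArn:    pulumi.String("arn:aws:iam::1234567890:role/lacework_iam_example_role"),
    				ExternalId: pulumi.String("12345"),
    			},
    			// Placeholder: fill in DefaultLaceworkAccount and Mappings for your organization.
    			OrgAccountMappings: &lacework.IntegrationAwsCtOrgAccountMappingsArgs{},
    		}, pulumi.Provider(primary)) // the provider created above, not a package-level symbol
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }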
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Lacework = Pulumi.Lacework;
    
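    // Re-creates the integration through a provider that now targets the
    // organization-level data set.
    return await Deployment.RunAsync(() => 
    {
        var primary = new Lacework.Provider("primary", new()
        {
            Organization = true,
        });

        var accountAbc = new Lacework.IntegrationAwsCt("accountAbc", new()
        {
            QueueUrl = "https://sqs.us-west-2.amazonaws.com/123456789012/my_queue",
            Credentials = new Lacework.Inputs.IntegrationAwsCtCredentialsArgs
            {
                RoleArn = "arn:aws:iam::1234567890:role/lacework_iam_example_role",
                ExternalId = "12345",
            },
            // Placeholder: null leaves the mapping unset. Supply an
            // IntegrationAwsCtOrgAccountMappingsArgs with your organization's mapping.
            OrgAccountMappings = null,
        }, new CustomResourceOptions
        {
            // Use the provider variable declared above; `lacework` is not a name in scope here.
            Provider = primary,
        });

    });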
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.lacework.Provider;
    import com.pulumi.lacework.ProviderArgs;
    import com.pulumi.lacework.IntegrationAwsCt;
    import com.pulumi.lacework.IntegrationAwsCtArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtCredentialsArgs;
    import com.pulumi.lacework.inputs.IntegrationAwsCtOrgAccountMappingsArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
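    /**
     * Pulumi program that re-creates the integration through a provider that now
     * targets the organization-level data set.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }

        /**
         * Declares the provider and the integration.
         *
         * @param ctx deployment context supplied by {@code Pulumi.run}
         */
        public static void stack(Context ctx) {
            var primary = new Provider("primary", ProviderArgs.builder()
                .organization(true)
                .build());

            var accountAbc = new IntegrationAwsCt("accountAbc", IntegrationAwsCtArgs.builder()
                .queueUrl("https://sqs.us-west-2.amazonaws.com/123456789012/my_queue")
                .credentials(IntegrationAwsCtCredentialsArgs.builder()
                    .roleArn("arn:aws:iam::1234567890:role/lacework_iam_example_role")
                    .externalId("12345")
                    .build())
                // Placeholder: the setter needs an argument, so pass an args object and fill in
                // defaultLaceworkAccount and mappings. NOTE(review): build() may reject an
                // empty object if those fields are required; confirm against the SDK.
                .orgAccountMappings(IntegrationAwsCtOrgAccountMappingsArgs.builder()
                    .build())
                .build(), CustomResourceOptions.builder()
                    // Use the provider variable declared above; `lacework` is not a name in scope here.
                    .provider(primary)
                    .build());

        }
    }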
    
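    resources:
      # Same provider name as before, now bound to the organization-level data set.
      primary:
        type: pulumi:providers:lacework
        properties:
          organization: true
      accountAbc:
        type: lacework:IntegrationAwsCt
        properties:
          queueUrl: https://sqs.us-west-2.amazonaws.com/123456789012/my_queue
          credentials:
            roleArn: arn:aws:iam::1234567890:role/lacework_iam_example_role
            externalId: '12345'
          # Placeholder: fill in defaultLaceworkAccount and mappings for your organization.
          orgAccountMappings: {}
        options:
          # Reference the provider resource declared above by its name in this file.
          provider: ${primary}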
    

    Finally, run pulumi up to create the new integration at the organization level. No integration exists between the delete and this step, so keep that window short.

    Create IntegrationAwsCt Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new IntegrationAwsCt(name: string, args: IntegrationAwsCtArgs, opts?: CustomResourceOptions);
    @overload
    def IntegrationAwsCt(resource_name: str,
                         args: IntegrationAwsCtArgs,
                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def IntegrationAwsCt(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         credentials: Optional[IntegrationAwsCtCredentialsArgs] = None,
                         queue_url: Optional[str] = None,
                         enabled: Optional[bool] = None,
                         integration_aws_ct_id: Optional[str] = None,
                         name: Optional[str] = None,
                         org_account_mappings: Optional[IntegrationAwsCtOrgAccountMappingsArgs] = None,
                         retries: Optional[float] = None)
    func NewIntegrationAwsCt(ctx *Context, name string, args IntegrationAwsCtArgs, opts ...ResourceOption) (*IntegrationAwsCt, error)
    public IntegrationAwsCt(string name, IntegrationAwsCtArgs args, CustomResourceOptions? opts = null)
    public IntegrationAwsCt(String name, IntegrationAwsCtArgs args)
    public IntegrationAwsCt(String name, IntegrationAwsCtArgs args, CustomResourceOptions options)
    
    type: lacework:IntegrationAwsCt
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args IntegrationAwsCtArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args IntegrationAwsCtArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args IntegrationAwsCtArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args IntegrationAwsCtArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args IntegrationAwsCtArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    // Reference only: every input is shown with a placeholder value.
    var integrationAwsCtResource = new Lacework.IntegrationAwsCt("integrationAwsCtResource", new()
    {
        Credentials = new Lacework.Inputs.IntegrationAwsCtCredentialsArgs
        {
            ExternalId = "string",
            RoleArn = "string",
        },
        QueueUrl = "string",
        // Documented default is true; copying `false` sets the integration state to not enabled.
        Enabled = false,
        IntegrationAwsCtId = "string",
        Name = "string",
        OrgAccountMappings = new Lacework.Inputs.IntegrationAwsCtOrgAccountMappingsArgs
        {
            DefaultLaceworkAccount = "string",
            Mappings = new[]
            {
                new Lacework.Inputs.IntegrationAwsCtOrgAccountMappingsMappingArgs
                {
                    AwsAccounts = new[]
                    {
                        "string",
                    },
                    LaceworkAccount = "string",
                },
            },
        },
        // Documented default is 5 creation attempts.
        Retries = 0,
    });
    
    // Reference only: every input is shown with a placeholder value.
    example, err := lacework.NewIntegrationAwsCt(ctx, "integrationAwsCtResource", &lacework.IntegrationAwsCtArgs{
    	Credentials: &lacework.IntegrationAwsCtCredentialsArgs{
    		ExternalId: pulumi.String("string"),
    		RoleArn:    pulumi.String("string"),
    	},
    	QueueUrl:           pulumi.String("string"),
    	// Documented default is true; copying `false` sets the integration state to not enabled.
    	Enabled:            pulumi.Bool(false),
    	IntegrationAwsCtId: pulumi.String("string"),
    	Name:               pulumi.String("string"),
    	OrgAccountMappings: &lacework.IntegrationAwsCtOrgAccountMappingsArgs{
    		DefaultLaceworkAccount: pulumi.String("string"),
    		Mappings: lacework.IntegrationAwsCtOrgAccountMappingsMappingArray{
    			&lacework.IntegrationAwsCtOrgAccountMappingsMappingArgs{
    				AwsAccounts: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				LaceworkAccount: pulumi.String("string"),
    			},
    		},
    	},
    	// Documented default is 5 creation attempts.
    	Retries: pulumi.Float64(0),
    })
    
    // Reference only: every input is shown with a placeholder value.
    var integrationAwsCtResource = new IntegrationAwsCt("integrationAwsCtResource", IntegrationAwsCtArgs.builder()
        .credentials(IntegrationAwsCtCredentialsArgs.builder()
            .externalId("string")
            .roleArn("string")
            .build())
        .queueUrl("string")
        // Documented default is true; copying `false` sets the integration state to not enabled.
        .enabled(false)
        .integrationAwsCtId("string")
        .name("string")
        .orgAccountMappings(IntegrationAwsCtOrgAccountMappingsArgs.builder()
            .defaultLaceworkAccount("string")
            .mappings(IntegrationAwsCtOrgAccountMappingsMappingArgs.builder()
                .awsAccounts("string")
                .laceworkAccount("string")
                .build())
            .build())
        // Documented default is 5 creation attempts.
        .retries(0)
        .build());
    
    # Reference only: every input is shown with a placeholder value.
    integration_aws_ct_resource = lacework.IntegrationAwsCt("integrationAwsCtResource",
        credentials={
            "external_id": "string",
            "role_arn": "string",
        },
        queue_url="string",
        # Documented default is True; copying False sets the integration state to not enabled.
        enabled=False,
        integration_aws_ct_id="string",
        name="string",
        org_account_mappings={
            "default_lacework_account": "string",
            "mappings": [{
                "aws_accounts": ["string"],
                "lacework_account": "string",
            }],
        },
        # Documented default is 5 creation attempts.
        retries=0)
    
    // Reference only: every input is shown with a placeholder value.
    const integrationAwsCtResource = new lacework.IntegrationAwsCt("integrationAwsCtResource", {
        credentials: {
            externalId: "string",
            roleArn: "string",
        },
        queueUrl: "string",
        // Documented default is true; copying `false` sets the integration state to not enabled.
        enabled: false,
        integrationAwsCtId: "string",
        name: "string",
        orgAccountMappings: {
            defaultLaceworkAccount: "string",
            mappings: [{
                awsAccounts: ["string"],
                laceworkAccount: "string",
            }],
        },
        // Documented default is 5 creation attempts.
        retries: 0,
    });
    
    # Reference only: every input is shown with a placeholder value.
    type: lacework:IntegrationAwsCt
    properties:
        credentials:
            externalId: string
            roleArn: string
        # Documented default is true; copying `false` sets the integration state to not enabled.
        enabled: false
        integrationAwsCtId: string
        name: string
        orgAccountMappings:
            defaultLaceworkAccount: string
            mappings:
                - awsAccounts:
                    - string
                  laceworkAccount: string
        queueUrl: string
        # Documented default is 5 creation attempts.
        retries: 0
    

    IntegrationAwsCt Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The IntegrationAwsCt resource accepts the following input properties:

    Credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    QueueUrl string
    The SQS Queue URL.
    Enabled bool
    The state of the external integration. Defaults to true.
    IntegrationAwsCtId string
    Name string
    The AWS CloudTrail integration name.
    OrgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    Retries double
    The number of attempts to create the external integration. Defaults to 5.
    Credentials IntegrationAwsCtCredentialsArgs
    The credentials needed by the integration. See Credentials below for details.
    QueueUrl string
    The SQS Queue URL.
    Enabled bool
    The state of the external integration. Defaults to true.
    IntegrationAwsCtId string
    Name string
    The AWS CloudTrail integration name.
    OrgAccountMappings IntegrationAwsCtOrgAccountMappingsArgs
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    Retries float64
    The number of attempts to create the external integration. Defaults to 5.
    credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    queueUrl String
    The SQS Queue URL.
    enabled Boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId String
    name String
    The AWS CloudTrail integration name.
    orgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    retries Double
    The number of attempts to create the external integration. Defaults to 5.
    credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    queueUrl string
    The SQS Queue URL.
    enabled boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId string
    name string
    The AWS CloudTrail integration name.
    orgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    retries number
    The number of attempts to create the external integration. Defaults to 5.
    credentials IntegrationAwsCtCredentialsArgs
    The credentials needed by the integration. See Credentials below for details.
    queue_url str
    The SQS Queue URL.
    enabled bool
    The state of the external integration. Defaults to true.
    integration_aws_ct_id str
    name str
    The AWS CloudTrail integration name.
    org_account_mappings IntegrationAwsCtOrgAccountMappingsArgs
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    retries float
    The number of attempts to create the external integration. Defaults to 5.
    credentials Property Map
    The credentials needed by the integration. See Credentials below for details.
    queueUrl String
    The SQS Queue URL.
    enabled Boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId String
    name String
    The AWS CloudTrail integration name.
    orgAccountMappings Property Map
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    retries Number
    The number of attempts to create the external integration. Defaults to 5.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the IntegrationAwsCt resource produces the following output properties:

    CreatedOrUpdatedBy string
    CreatedOrUpdatedTime string
    Id string
    The provider-assigned unique ID for this managed resource.
    IntgGuid string
    OrgLevel bool
    TypeName string
    CreatedOrUpdatedBy string
    CreatedOrUpdatedTime string
    Id string
    The provider-assigned unique ID for this managed resource.
    IntgGuid string
    OrgLevel bool
    TypeName string
    createdOrUpdatedBy String
    createdOrUpdatedTime String
    id String
    The provider-assigned unique ID for this managed resource.
    intgGuid String
    orgLevel Boolean
    typeName String
    createdOrUpdatedBy string
    createdOrUpdatedTime string
    id string
    The provider-assigned unique ID for this managed resource.
    intgGuid string
    orgLevel boolean
    typeName string
    created_or_updated_by str
    created_or_updated_time str
    id str
    The provider-assigned unique ID for this managed resource.
    intg_guid str
    org_level bool
    type_name str
    createdOrUpdatedBy String
    createdOrUpdatedTime String
    id String
    The provider-assigned unique ID for this managed resource.
    intgGuid String
    orgLevel Boolean
    typeName String

    Look up Existing IntegrationAwsCt Resource

    Get an existing IntegrationAwsCt resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: IntegrationAwsCtState, opts?: CustomResourceOptions): IntegrationAwsCt
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            created_or_updated_by: Optional[str] = None,
            created_or_updated_time: Optional[str] = None,
            credentials: Optional[IntegrationAwsCtCredentialsArgs] = None,
            enabled: Optional[bool] = None,
            integration_aws_ct_id: Optional[str] = None,
            intg_guid: Optional[str] = None,
            name: Optional[str] = None,
            org_account_mappings: Optional[IntegrationAwsCtOrgAccountMappingsArgs] = None,
            org_level: Optional[bool] = None,
            queue_url: Optional[str] = None,
            retries: Optional[float] = None,
            type_name: Optional[str] = None) -> IntegrationAwsCt
    func GetIntegrationAwsCt(ctx *Context, name string, id IDInput, state *IntegrationAwsCtState, opts ...ResourceOption) (*IntegrationAwsCt, error)
    public static IntegrationAwsCt Get(string name, Input<string> id, IntegrationAwsCtState? state, CustomResourceOptions? opts = null)
    public static IntegrationAwsCt get(String name, Output<String> id, IntegrationAwsCtState state, CustomResourceOptions options)
    resources:
      _:
        type: lacework:IntegrationAwsCt
        get:
          id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CreatedOrUpdatedBy string
    CreatedOrUpdatedTime string
    Credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    Enabled bool
    The state of the external integration. Defaults to true.
    IntegrationAwsCtId string
    IntgGuid string
    Name string
    The AWS CloudTrail integration name.
    OrgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    OrgLevel bool
    QueueUrl string
    The SQS Queue URL.
    Retries double
    The number of attempts to create the external integration. Defaults to 5.
    TypeName string
    CreatedOrUpdatedBy string
    CreatedOrUpdatedTime string
    Credentials IntegrationAwsCtCredentialsArgs
    The credentials needed by the integration. See Credentials below for details.
    Enabled bool
    The state of the external integration. Defaults to true.
    IntegrationAwsCtId string
    IntgGuid string
    Name string
    The AWS CloudTrail integration name.
    OrgAccountMappings IntegrationAwsCtOrgAccountMappingsArgs
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    OrgLevel bool
    QueueUrl string
    The SQS Queue URL.
    Retries float64
    The number of attempts to create the external integration. Defaults to 5.
    TypeName string
    createdOrUpdatedBy String
    createdOrUpdatedTime String
    credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    enabled Boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId String
    intgGuid String
    name String
    The AWS CloudTrail integration name.
    orgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    orgLevel Boolean
    queueUrl String
    The SQS Queue URL.
    retries Double
    The number of attempts to create the external integration. Defaults to 5.
    typeName String
    createdOrUpdatedBy string
    createdOrUpdatedTime string
    credentials IntegrationAwsCtCredentials
    The credentials needed by the integration. See Credentials below for details.
    enabled boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId string
    intgGuid string
    name string
    The AWS CloudTrail integration name.
    orgAccountMappings IntegrationAwsCtOrgAccountMappings
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    orgLevel boolean
    queueUrl string
    The SQS Queue URL.
    retries number
    The number of attempts to create the external integration. Defaults to 5.
    typeName string
    created_or_updated_by str
    created_or_updated_time str
    credentials IntegrationAwsCtCredentialsArgs
    The credentials needed by the integration. See Credentials below for details.
    enabled bool
    The state of the external integration. Defaults to true.
    integration_aws_ct_id str
    intg_guid str
    name str
    The AWS CloudTrail integration name.
    org_account_mappings IntegrationAwsCtOrgAccountMappingsArgs
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    org_level bool
    queue_url str
    The SQS Queue URL.
    retries float
    The number of attempts to create the external integration. Defaults to 5.
    type_name str
    createdOrUpdatedBy String
    createdOrUpdatedTime String
    credentials Property Map
    The credentials needed by the integration. See Credentials below for details.
    enabled Boolean
    The state of the external integration. Defaults to true.
    integrationAwsCtId String
    intgGuid String
    name String
    The AWS CloudTrail integration name.
    orgAccountMappings Property Map
    Mapping of AWS accounts to Lacework accounts within a Lacework organization. See Account Mappings below for details.
    orgLevel Boolean
    queueUrl String
    The SQS Queue URL.
    retries Number
    The number of attempts to create the external integration. Defaults to 5.
    typeName String

    Supporting Types

    IntegrationAwsCtCredentials, IntegrationAwsCtCredentialsArgs

    ExternalId string
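    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.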
    RoleArn string
    The ARN of the IAM role.
    ExternalId string
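    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.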
    RoleArn string
    The ARN of the IAM role.
    externalId String
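    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.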
    roleArn String
    The ARN of the IAM role.
    externalId string
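    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.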
    roleArn string
    The ARN of the IAM role.
    external_id str
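    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.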
    role_arn str
    The ARN of the IAM role.
    externalId String
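    The external ID for the IAM role. It must match the `sts:ExternalId` condition in the role's trust policy; that condition is what protects a cross-account role against confused-deputy use.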
    roleArn String
    The ARN of the IAM role.

    IntegrationAwsCtOrgAccountMappings, IntegrationAwsCtOrgAccountMappingsArgs

    DefaultLaceworkAccount string
    The default Lacework account name where any non-mapped AWS account will appear.
    Mappings List<IntegrationAwsCtOrgAccountMappingsMapping>
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.
    DefaultLaceworkAccount string
    The default Lacework account name where any non-mapped AWS account will appear.
    Mappings []IntegrationAwsCtOrgAccountMappingsMapping
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.
    defaultLaceworkAccount String
    The default Lacework account name where any non-mapped AWS account will appear.
    mappings List<IntegrationAwsCtOrgAccountMappingsMapping>
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.
    defaultLaceworkAccount string
    The default Lacework account name where any non-mapped AWS account will appear.
    mappings IntegrationAwsCtOrgAccountMappingsMapping[]
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.
    default_lacework_account str
    The default Lacework account name where any non-mapped AWS account will appear.
    mappings Sequence[IntegrationAwsCtOrgAccountMappingsMapping]
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.
    defaultLaceworkAccount String
    The default Lacework account name where any non-mapped AWS account will appear.
    mappings List<Property Map>
    A map of AWS accounts to a Lacework account. This can be specified multiple times to map multiple Lacework accounts. See Mapping below for details.

    IntegrationAwsCtOrgAccountMappingsMapping, IntegrationAwsCtOrgAccountMappingsMappingArgs

    AwsAccounts List<string>
    The list of AWS account IDs to map.
    LaceworkAccount string
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.
    AwsAccounts []string
    The list of AWS account IDs to map.
    LaceworkAccount string
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.
    awsAccounts List<String>
    The list of AWS account IDs to map.
    laceworkAccount String
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.
    awsAccounts string[]
    The list of AWS account IDs to map.
    laceworkAccount string
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.
    aws_accounts Sequence[str]
    The list of AWS account IDs to map.
    lacework_account str
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.
    awsAccounts List<String>
    The list of AWS account IDs to map.
    laceworkAccount String
    The Lacework account name where the CloudTrail activity from the selected AWS accounts will appear.

    Import

    A Lacework AWS CloudTrail integration can be imported using an INT_GUID, e.g.

    $ pulumi import lacework:index/integrationAwsCt:IntegrationAwsCt account_abc EXAMPLE_1234BAE1E42182964D23973F44CFEA3C4AB63B99E9A1EC5
    

    Note: To retrieve the INT_GUID from existing integrations in your account, use the Lacework CLI command `lacework cloud-account list`. To install this tool, follow this documentation.

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    lacework lacework/terraform-provider-lacework
    License
    Notes
    This Pulumi package is based on the lacework Terraform Provider.
    lacework 2.0.6 published on Monday, Apr 14, 2025 by lacework