Docs Home
lacework 2.0.6 published on Monday, Apr 14, 2025 by lacework
lacework.IntegrationGcpGkeAuditLog
Explore with Pulumi AI
Use this resource to configure an GCP GKE Audit Log integration to analyze GKE audit logs.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as lacework from "@pulumi/lacework";
const accountAbc = new lacework.IntegrationGcpGkeAuditLog("accountAbc", {
credentials: {
clientEmail: "email@abc-project-name.iam.gserviceaccount.com",
clientId: "123456789012345678900",
privateKey: `-----BEGIN PRIVATE KEY-----
... -----END PRIVATE KEY-----
`,
privateKeyId: "1234abcd1234abcd1234abcd1234abcd1234abcd",
},
integrationType: "PROJECT",
projectId: "ABC-project-id",
subscription: "projects/ABC-project-id/subscriptions/example-subscription",
});
import pulumi
import pulumi_lacework as lacework
account_abc = lacework.IntegrationGcpGkeAuditLog("accountAbc",
credentials={
"client_email": "email@abc-project-name.iam.gserviceaccount.com",
"client_id": "123456789012345678900",
"private_key": """-----BEGIN PRIVATE KEY-----
... -----END PRIVATE KEY-----
""",
"private_key_id": "1234abcd1234abcd1234abcd1234abcd1234abcd",
},
integration_type="PROJECT",
project_id="ABC-project-id",
subscription="projects/ABC-project-id/subscriptions/example-subscription")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/lacework/v2/lacework"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lacework.NewIntegrationGcpGkeAuditLog(ctx, "accountAbc", &lacework.IntegrationGcpGkeAuditLogArgs{
Credentials: &lacework.IntegrationGcpGkeAuditLogCredentialsArgs{
ClientEmail: pulumi.String("email@abc-project-name.iam.gserviceaccount.com"),
ClientId: pulumi.String("123456789012345678900"),
PrivateKey: pulumi.String("-----BEGIN PRIVATE KEY-----\n ... -----END PRIVATE KEY-----\n\n"),
PrivateKeyId: pulumi.String("1234abcd1234abcd1234abcd1234abcd1234abcd"),
},
IntegrationType: pulumi.String("PROJECT"),
ProjectId: pulumi.String("ABC-project-id"),
Subscription: pulumi.String("projects/ABC-project-id/subscriptions/example-subscription"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Lacework = Pulumi.Lacework;
return await Deployment.RunAsync(() =>
{
var accountAbc = new Lacework.IntegrationGcpGkeAuditLog("accountAbc", new()
{
Credentials = new Lacework.Inputs.IntegrationGcpGkeAuditLogCredentialsArgs
{
ClientEmail = "email@abc-project-name.iam.gserviceaccount.com",
ClientId = "123456789012345678900",
PrivateKey = @"-----BEGIN PRIVATE KEY-----
... -----END PRIVATE KEY-----
",
PrivateKeyId = "1234abcd1234abcd1234abcd1234abcd1234abcd",
},
IntegrationType = "PROJECT",
ProjectId = "ABC-project-id",
Subscription = "projects/ABC-project-id/subscriptions/example-subscription",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.lacework.IntegrationGcpGkeAuditLog;
import com.pulumi.lacework.IntegrationGcpGkeAuditLogArgs;
import com.pulumi.lacework.inputs.IntegrationGcpGkeAuditLogCredentialsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var accountAbc = new IntegrationGcpGkeAuditLog("accountAbc", IntegrationGcpGkeAuditLogArgs.builder()
.credentials(IntegrationGcpGkeAuditLogCredentialsArgs.builder()
.clientEmail("email@abc-project-name.iam.gserviceaccount.com")
.clientId("123456789012345678900")
.privateKey("""
-----BEGIN PRIVATE KEY-----
... -----END PRIVATE KEY-----
""")
.privateKeyId("1234abcd1234abcd1234abcd1234abcd1234abcd")
.build())
.integrationType("PROJECT")
.projectId("ABC-project-id")
.subscription("projects/ABC-project-id/subscriptions/example-subscription")
.build());
}
}
resources:
accountAbc:
type: lacework:IntegrationGcpGkeAuditLog
properties:
credentials:
clientEmail: email@abc-project-name.iam.gserviceaccount.com
clientId: '123456789012345678900'
privateKey: |+
-----BEGIN PRIVATE KEY-----
... -----END PRIVATE KEY-----
privateKeyId: 1234abcd1234abcd1234abcd1234abcd1234abcd
integrationType: PROJECT
projectId: ABC-project-id
subscription: projects/ABC-project-id/subscriptions/example-subscription
Create IntegrationGcpGkeAuditLog Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IntegrationGcpGkeAuditLog(name: string, args: IntegrationGcpGkeAuditLogArgs, opts?: CustomResourceOptions);@overload
def IntegrationGcpGkeAuditLog(resource_name: str,
args: IntegrationGcpGkeAuditLogArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IntegrationGcpGkeAuditLog(resource_name: str,
opts: Optional[ResourceOptions] = None,
credentials: Optional[IntegrationGcpGkeAuditLogCredentialsArgs] = None,
integration_type: Optional[str] = None,
project_id: Optional[str] = None,
subscription: Optional[str] = None,
enabled: Optional[bool] = None,
integration_gcp_gke_audit_log_id: Optional[str] = None,
name: Optional[str] = None,
organization_id: Optional[str] = None,
retries: Optional[float] = None)func NewIntegrationGcpGkeAuditLog(ctx *Context, name string, args IntegrationGcpGkeAuditLogArgs, opts ...ResourceOption) (*IntegrationGcpGkeAuditLog, error)public IntegrationGcpGkeAuditLog(string name, IntegrationGcpGkeAuditLogArgs args, CustomResourceOptions? opts = null)
public IntegrationGcpGkeAuditLog(String name, IntegrationGcpGkeAuditLogArgs args)
public IntegrationGcpGkeAuditLog(String name, IntegrationGcpGkeAuditLogArgs args, CustomResourceOptions options)
type: lacework:IntegrationGcpGkeAuditLog
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IntegrationGcpGkeAuditLogArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IntegrationGcpGkeAuditLogArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IntegrationGcpGkeAuditLogArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IntegrationGcpGkeAuditLogArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IntegrationGcpGkeAuditLogArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var integrationGcpGkeAuditLogResource = new Lacework.IntegrationGcpGkeAuditLog("integrationGcpGkeAuditLogResource", new()
{
Credentials = new Lacework.Inputs.IntegrationGcpGkeAuditLogCredentialsArgs
{
ClientEmail = "string",
ClientId = "string",
PrivateKey = "string",
PrivateKeyId = "string",
},
IntegrationType = "string",
ProjectId = "string",
Subscription = "string",
Enabled = false,
IntegrationGcpGkeAuditLogId = "string",
Name = "string",
OrganizationId = "string",
Retries = 0,
});
example, err := lacework.NewIntegrationGcpGkeAuditLog(ctx, "integrationGcpGkeAuditLogResource", &lacework.IntegrationGcpGkeAuditLogArgs{
Credentials: &lacework.IntegrationGcpGkeAuditLogCredentialsArgs{
ClientEmail: pulumi.String("string"),
ClientId: pulumi.String("string"),
PrivateKey: pulumi.String("string"),
PrivateKeyId: pulumi.String("string"),
},
IntegrationType: pulumi.String("string"),
ProjectId: pulumi.String("string"),
Subscription: pulumi.String("string"),
Enabled: pulumi.Bool(false),
IntegrationGcpGkeAuditLogId: pulumi.String("string"),
Name: pulumi.String("string"),
OrganizationId: pulumi.String("string"),
Retries: pulumi.Float64(0),
})
var integrationGcpGkeAuditLogResource = new IntegrationGcpGkeAuditLog("integrationGcpGkeAuditLogResource", IntegrationGcpGkeAuditLogArgs.builder()
.credentials(IntegrationGcpGkeAuditLogCredentialsArgs.builder()
.clientEmail("string")
.clientId("string")
.privateKey("string")
.privateKeyId("string")
.build())
.integrationType("string")
.projectId("string")
.subscription("string")
.enabled(false)
.integrationGcpGkeAuditLogId("string")
.name("string")
.organizationId("string")
.retries(0)
.build());
integration_gcp_gke_audit_log_resource = lacework.IntegrationGcpGkeAuditLog("integrationGcpGkeAuditLogResource",
credentials={
"client_email": "string",
"client_id": "string",
"private_key": "string",
"private_key_id": "string",
},
integration_type="string",
project_id="string",
subscription="string",
enabled=False,
integration_gcp_gke_audit_log_id="string",
name="string",
organization_id="string",
retries=0)
const integrationGcpGkeAuditLogResource = new lacework.IntegrationGcpGkeAuditLog("integrationGcpGkeAuditLogResource", {
credentials: {
clientEmail: "string",
clientId: "string",
privateKey: "string",
privateKeyId: "string",
},
integrationType: "string",
projectId: "string",
subscription: "string",
enabled: false,
integrationGcpGkeAuditLogId: "string",
name: "string",
organizationId: "string",
retries: 0,
});
type: lacework:IntegrationGcpGkeAuditLog
properties:
credentials:
clientEmail: string
clientId: string
privateKey: string
privateKeyId: string
enabled: false
integrationGcpGkeAuditLogId: string
integrationType: string
name: string
organizationId: string
projectId: string
retries: 0
subscription: string
IntegrationGcpGkeAuditLog Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IntegrationGcpGkeAuditLog resource accepts the following input properties:
- Credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- Integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - Project
Id string - The project ID.
- Subscription string
- The PubSub Subscription.
- Enabled bool
- The state of the external integration. Defaults to
true. - Integration
Gcp stringGke Audit Log Id - Name string
- The GCP Audit Trail integration name.
- Organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - Retries double
- The number of attempts to create the external integration. Defaults to
5.
- Credentials
Integration
Gcp Gke Audit Log Credentials Args - The credentials needed by the integration. See Credentials below for details.
- Integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - Project
Id string - The project ID.
- Subscription string
- The PubSub Subscription.
- Enabled bool
- The state of the external integration. Defaults to
true. - Integration
Gcp stringGke Audit Log Id - Name string
- The GCP Audit Trail integration name.
- Organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - Retries float64
- The number of attempts to create the external integration. Defaults to
5.
- credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- integration
Type String - The integration type. Must be one of
PROJECTorORGANIZATION. - project
Id String - The project ID.
- subscription String
- The PubSub Subscription.
- enabled Boolean
- The state of the external integration. Defaults to
true. - integration
Gcp StringGke Audit Log Id - name String
- The GCP Audit Trail integration name.
- organization
Id String - The organization ID. Required if
integration_typeis set toORGANIZATION. - retries Double
- The number of attempts to create the external integration. Defaults to
5.
- credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - project
Id string - The project ID.
- subscription string
- The PubSub Subscription.
- enabled boolean
- The state of the external integration. Defaults to
true. - integration
Gcp stringGke Audit Log Id - name string
- The GCP Audit Trail integration name.
- organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - retries number
- The number of attempts to create the external integration. Defaults to
5.
- credentials
Integration
Gcp Gke Audit Log Credentials Args - The credentials needed by the integration. See Credentials below for details.
- integration_
type str - The integration type. Must be one of
PROJECTorORGANIZATION. - project_
id str - The project ID.
- subscription str
- The PubSub Subscription.
- enabled bool
- The state of the external integration. Defaults to
true. - integration_
gcp_ strgke_ audit_ log_ id - name str
- The GCP Audit Trail integration name.
- organization_
id str - The organization ID. Required if
integration_typeis set toORGANIZATION. - retries float
- The number of attempts to create the external integration. Defaults to
5.
- credentials Property Map
- The credentials needed by the integration. See Credentials below for details.
- integration
Type String - The integration type. Must be one of
PROJECTorORGANIZATION. - project
Id String - The project ID.
- subscription String
- The PubSub Subscription.
- enabled Boolean
- The state of the external integration. Defaults to
true. - integration
Gcp StringGke Audit Log Id - name String
- The GCP Audit Trail integration name.
- organization
Id String - The organization ID. Required if
integration_typeis set toORGANIZATION. - retries Number
- The number of attempts to create the external integration. Defaults to
5.
Outputs
All input properties are implicitly available as output properties. Additionally, the IntegrationGcpGkeAuditLog resource produces the following output properties:
- Created
Or stringUpdated By - Created
Or stringUpdated Time - Id string
- The provider-assigned unique ID for this managed resource.
- Intg
Guid string - Is
Org bool
- Created
Or stringUpdated By - Created
Or stringUpdated Time - Id string
- The provider-assigned unique ID for this managed resource.
- Intg
Guid string - Is
Org bool
- created
Or StringUpdated By - created
Or StringUpdated Time - id String
- The provider-assigned unique ID for this managed resource.
- intg
Guid String - is
Org Boolean
- created
Or stringUpdated By - created
Or stringUpdated Time - id string
- The provider-assigned unique ID for this managed resource.
- intg
Guid string - is
Org boolean
- created_
or_ strupdated_ by - created_
or_ strupdated_ time - id str
- The provider-assigned unique ID for this managed resource.
- intg_
guid str - is_
org bool
- created
Or StringUpdated By - created
Or StringUpdated Time - id String
- The provider-assigned unique ID for this managed resource.
- intg
Guid String - is
Org Boolean
Look up Existing IntegrationGcpGkeAuditLog Resource
Get an existing IntegrationGcpGkeAuditLog resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IntegrationGcpGkeAuditLogState, opts?: CustomResourceOptions): IntegrationGcpGkeAuditLog@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created_or_updated_by: Optional[str] = None,
created_or_updated_time: Optional[str] = None,
credentials: Optional[IntegrationGcpGkeAuditLogCredentialsArgs] = None,
enabled: Optional[bool] = None,
integration_gcp_gke_audit_log_id: Optional[str] = None,
integration_type: Optional[str] = None,
intg_guid: Optional[str] = None,
is_org: Optional[bool] = None,
name: Optional[str] = None,
organization_id: Optional[str] = None,
project_id: Optional[str] = None,
retries: Optional[float] = None,
subscription: Optional[str] = None) -> IntegrationGcpGkeAuditLogfunc GetIntegrationGcpGkeAuditLog(ctx *Context, name string, id IDInput, state *IntegrationGcpGkeAuditLogState, opts ...ResourceOption) (*IntegrationGcpGkeAuditLog, error)public static IntegrationGcpGkeAuditLog Get(string name, Input<string> id, IntegrationGcpGkeAuditLogState? state, CustomResourceOptions? opts = null)public static IntegrationGcpGkeAuditLog get(String name, Output<String> id, IntegrationGcpGkeAuditLogState state, CustomResourceOptions options)resources: _: type: lacework:IntegrationGcpGkeAuditLog get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created
Or stringUpdated By - Created
Or stringUpdated Time - Credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- Enabled bool
- The state of the external integration. Defaults to
true. - Integration
Gcp stringGke Audit Log Id - Integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - Intg
Guid string - Is
Org bool - Name string
- The GCP Audit Trail integration name.
- Organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - Project
Id string - The project ID.
- Retries double
- The number of attempts to create the external integration. Defaults to
5. - Subscription string
- The PubSub Subscription.
- Created
Or stringUpdated By - Created
Or stringUpdated Time - Credentials
Integration
Gcp Gke Audit Log Credentials Args - The credentials needed by the integration. See Credentials below for details.
- Enabled bool
- The state of the external integration. Defaults to
true. - Integration
Gcp stringGke Audit Log Id - Integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - Intg
Guid string - Is
Org bool - Name string
- The GCP Audit Trail integration name.
- Organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - Project
Id string - The project ID.
- Retries float64
- The number of attempts to create the external integration. Defaults to
5. - Subscription string
- The PubSub Subscription.
- created
Or StringUpdated By - created
Or StringUpdated Time - credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- enabled Boolean
- The state of the external integration. Defaults to
true. - integration
Gcp StringGke Audit Log Id - integration
Type String - The integration type. Must be one of
PROJECTorORGANIZATION. - intg
Guid String - is
Org Boolean - name String
- The GCP Audit Trail integration name.
- organization
Id String - The organization ID. Required if
integration_typeis set toORGANIZATION. - project
Id String - The project ID.
- retries Double
- The number of attempts to create the external integration. Defaults to
5. - subscription String
- The PubSub Subscription.
- created
Or stringUpdated By - created
Or stringUpdated Time - credentials
Integration
Gcp Gke Audit Log Credentials - The credentials needed by the integration. See Credentials below for details.
- enabled boolean
- The state of the external integration. Defaults to
true. - integration
Gcp stringGke Audit Log Id - integration
Type string - The integration type. Must be one of
PROJECTorORGANIZATION. - intg
Guid string - is
Org boolean - name string
- The GCP Audit Trail integration name.
- organization
Id string - The organization ID. Required if
integration_typeis set toORGANIZATION. - project
Id string - The project ID.
- retries number
- The number of attempts to create the external integration. Defaults to
5. - subscription string
- The PubSub Subscription.
- created_
or_ strupdated_ by - created_
or_ strupdated_ time - credentials
Integration
Gcp Gke Audit Log Credentials Args - The credentials needed by the integration. See Credentials below for details.
- enabled bool
- The state of the external integration. Defaults to
true. - integration_
gcp_ strgke_ audit_ log_ id - integration_
type str - The integration type. Must be one of
PROJECTorORGANIZATION. - intg_
guid str - is_
org bool - name str
- The GCP Audit Trail integration name.
- organization_
id str - The organization ID. Required if
integration_typeis set toORGANIZATION. - project_
id str - The project ID.
- retries float
- The number of attempts to create the external integration. Defaults to
5. - subscription str
- The PubSub Subscription.
- created
Or StringUpdated By - created
Or StringUpdated Time - credentials Property Map
- The credentials needed by the integration. See Credentials below for details.
- enabled Boolean
- The state of the external integration. Defaults to
true. - integration
Gcp StringGke Audit Log Id - integration
Type String - The integration type. Must be one of
PROJECTorORGANIZATION. - intg
Guid String - is
Org Boolean - name String
- The GCP Audit Trail integration name.
- organization
Id String - The organization ID. Required if
integration_typeis set toORGANIZATION. - project
Id String - The project ID.
- retries Number
- The number of attempts to create the external integration. Defaults to
5. - subscription String
- The PubSub Subscription.
Supporting Types
IntegrationGcpGkeAuditLogCredentials, IntegrationGcpGkeAuditLogCredentialsArgs
- Client
Email string - The service account client email.
- Client
Id string - The service account client ID.
- Private
Key string - The service account private key.
- Private
Key stringId - The service account private key ID.
- Client
Email string - The service account client email.
- Client
Id string - The service account client ID.
- Private
Key string - The service account private key.
- Private
Key stringId - The service account private key ID.
- client
Email String - The service account client email.
- client
Id String - The service account client ID.
- private
Key String - The service account private key.
- private
Key StringId - The service account private key ID.
- client
Email string - The service account client email.
- client
Id string - The service account client ID.
- private
Key string - The service account private key.
- private
Key stringId - The service account private key ID.
- client_
email str - The service account client email.
- client_
id str - The service account client ID.
- private_
key str - The service account private key.
- private_
key_ strid - The service account private key ID.
- client
Email String - The service account client email.
- client
Id String - The service account client ID.
- private
Key String - The service account private key.
- private
Key StringId - The service account private key ID.
Import
A Lacework GCP GKE Audit Log integration can be imported using a INT_GUID, e.g.
$ pulumi import lacework:index/integrationGcpGkeAuditLog:IntegrationGcpGkeAuditLog account_abc EXAMPLE_1234BAE1E42182964D23973F44CFEA3C4AB63B99E9A1EC5
-> Note: To retrieve the INT_GUID from existing integrations in your account, use the
Lacework CLI command lacework cloud-account list. To install this tool follow
this documentation.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- lacework lacework/terraform-provider-lacework
- License
- Notes
- This Pulumi package is based on the
laceworkTerraform Provider.