sysdig 3.3.1 published on Friday, Dec 12, 2025 by sysdiglabs
sysdig 3.3.1 published on Friday, Dec 12, 2025 by sysdiglabs
Example Usage
GCP Service Principal Component
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const sample = new sysdig.SecureCloudAuthAccount("sample", {
providerId: "mygcpproject",
providerType: "PROVIDER_GCP",
enabled: true,
});
const sampleSecureCloudAuthAccountComponent = new sysdig.SecureCloudAuthAccountComponent("sample", {
accountId: sample.secureCloudAuthAccountId,
type: "COMPONENT_SERVICE_PRINCIPAL",
instance: "secure-posture",
servicePrincipalMetadata: JSON.stringify({
gcp: {
key: "gcp-sa-key",
},
}),
});
import pulumi
import json
import pulumi_sysdig as sysdig
sample = sysdig.SecureCloudAuthAccount("sample",
provider_id="mygcpproject",
provider_type="PROVIDER_GCP",
enabled=True)
sample_secure_cloud_auth_account_component = sysdig.SecureCloudAuthAccountComponent("sample",
account_id=sample.secure_cloud_auth_account_id,
type="COMPONENT_SERVICE_PRINCIPAL",
instance="secure-posture",
service_principal_metadata=json.dumps({
"gcp": {
"key": "gcp-sa-key",
},
}))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
sample, err := sysdig.NewSecureCloudAuthAccount(ctx, "sample", &sysdig.SecureCloudAuthAccountArgs{
ProviderId: pulumi.String("mygcpproject"),
ProviderType: pulumi.String("PROVIDER_GCP"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"gcp": map[string]interface{}{
"key": "gcp-sa-key",
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = sysdig.NewSecureCloudAuthAccountComponent(ctx, "sample", &sysdig.SecureCloudAuthAccountComponentArgs{
AccountId: sample.SecureCloudAuthAccountId,
Type: pulumi.String("COMPONENT_SERVICE_PRINCIPAL"),
Instance: pulumi.String("secure-posture"),
ServicePrincipalMetadata: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var sample = new Sysdig.SecureCloudAuthAccount("sample", new()
{
ProviderId = "mygcpproject",
ProviderType = "PROVIDER_GCP",
Enabled = true,
});
var sampleSecureCloudAuthAccountComponent = new Sysdig.SecureCloudAuthAccountComponent("sample", new()
{
AccountId = sample.SecureCloudAuthAccountId,
Type = "COMPONENT_SERVICE_PRINCIPAL",
Instance = "secure-posture",
ServicePrincipalMetadata = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["gcp"] = new Dictionary<string, object?>
{
["key"] = "gcp-sa-key",
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureCloudAuthAccount;
import com.pulumi.sysdig.SecureCloudAuthAccountArgs;
import com.pulumi.sysdig.SecureCloudAuthAccountComponent;
import com.pulumi.sysdig.SecureCloudAuthAccountComponentArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var sample = new SecureCloudAuthAccount("sample", SecureCloudAuthAccountArgs.builder()
.providerId("mygcpproject")
.providerType("PROVIDER_GCP")
.enabled(true)
.build());
var sampleSecureCloudAuthAccountComponent = new SecureCloudAuthAccountComponent("sampleSecureCloudAuthAccountComponent", SecureCloudAuthAccountComponentArgs.builder()
.accountId(sample.secureCloudAuthAccountId())
.type("COMPONENT_SERVICE_PRINCIPAL")
.instance("secure-posture")
.servicePrincipalMetadata(serializeJson(
jsonObject(
jsonProperty("gcp", jsonObject(
jsonProperty("key", "gcp-sa-key")
))
)))
.build());
}
}
resources:
sample:
type: sysdig:SecureCloudAuthAccount
properties:
providerId: mygcpproject
providerType: PROVIDER_GCP
enabled: true
sampleSecureCloudAuthAccountComponent:
type: sysdig:SecureCloudAuthAccountComponent
name: sample
properties:
accountId: ${sample.secureCloudAuthAccountId}
type: COMPONENT_SERVICE_PRINCIPAL
instance: secure-posture
servicePrincipalMetadata:
fn::toJSON:
gcp:
key: gcp-sa-key
AWS Cloud Responder Component
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const awsAccount = new sysdig.SecureCloudAuthAccount("aws_account", {
providerId: "123456789012",
providerType: "PROVIDER_AWS",
enabled: true,
});
const cloudResponder = new sysdig.SecureCloudAuthAccountComponent("cloud_responder", {
accountId: awsAccount.secureCloudAuthAccountId,
type: "COMPONENT_CLOUD_RESPONDER",
instance: "cloud-responder",
cloudResponderMetadata: JSON.stringify({
aws: {
responder_lambdas: {
lambda_names: [
"sysdig-responder-lambda-1",
"sysdig-responder-lambda-2",
],
regions: [
"us-east-1",
"us-west-2",
],
delegate_role_name: "sysdig-delegate-role",
},
},
}),
});
import pulumi
import json
import pulumi_sysdig as sysdig
aws_account = sysdig.SecureCloudAuthAccount("aws_account",
provider_id="123456789012",
provider_type="PROVIDER_AWS",
enabled=True)
cloud_responder = sysdig.SecureCloudAuthAccountComponent("cloud_responder",
account_id=aws_account.secure_cloud_auth_account_id,
type="COMPONENT_CLOUD_RESPONDER",
instance="cloud-responder",
cloud_responder_metadata=json.dumps({
"aws": {
"responder_lambdas": {
"lambda_names": [
"sysdig-responder-lambda-1",
"sysdig-responder-lambda-2",
],
"regions": [
"us-east-1",
"us-west-2",
],
"delegate_role_name": "sysdig-delegate-role",
},
},
}))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
awsAccount, err := sysdig.NewSecureCloudAuthAccount(ctx, "aws_account", &sysdig.SecureCloudAuthAccountArgs{
ProviderId: pulumi.String("123456789012"),
ProviderType: pulumi.String("PROVIDER_AWS"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"aws": map[string]interface{}{
"responder_lambdas": map[string]interface{}{
"lambda_names": []string{
"sysdig-responder-lambda-1",
"sysdig-responder-lambda-2",
},
"regions": []string{
"us-east-1",
"us-west-2",
},
"delegate_role_name": "sysdig-delegate-role",
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = sysdig.NewSecureCloudAuthAccountComponent(ctx, "cloud_responder", &sysdig.SecureCloudAuthAccountComponentArgs{
AccountId: awsAccount.SecureCloudAuthAccountId,
Type: pulumi.String("COMPONENT_CLOUD_RESPONDER"),
Instance: pulumi.String("cloud-responder"),
CloudResponderMetadata: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var awsAccount = new Sysdig.SecureCloudAuthAccount("aws_account", new()
{
ProviderId = "123456789012",
ProviderType = "PROVIDER_AWS",
Enabled = true,
});
var cloudResponder = new Sysdig.SecureCloudAuthAccountComponent("cloud_responder", new()
{
AccountId = awsAccount.SecureCloudAuthAccountId,
Type = "COMPONENT_CLOUD_RESPONDER",
Instance = "cloud-responder",
CloudResponderMetadata = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["aws"] = new Dictionary<string, object?>
{
["responder_lambdas"] = new Dictionary<string, object?>
{
["lambda_names"] = new[]
{
"sysdig-responder-lambda-1",
"sysdig-responder-lambda-2",
},
["regions"] = new[]
{
"us-east-1",
"us-west-2",
},
["delegate_role_name"] = "sysdig-delegate-role",
},
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureCloudAuthAccount;
import com.pulumi.sysdig.SecureCloudAuthAccountArgs;
import com.pulumi.sysdig.SecureCloudAuthAccountComponent;
import com.pulumi.sysdig.SecureCloudAuthAccountComponentArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var awsAccount = new SecureCloudAuthAccount("awsAccount", SecureCloudAuthAccountArgs.builder()
.providerId("123456789012")
.providerType("PROVIDER_AWS")
.enabled(true)
.build());
var cloudResponder = new SecureCloudAuthAccountComponent("cloudResponder", SecureCloudAuthAccountComponentArgs.builder()
.accountId(awsAccount.secureCloudAuthAccountId())
.type("COMPONENT_CLOUD_RESPONDER")
.instance("cloud-responder")
.cloudResponderMetadata(serializeJson(
jsonObject(
jsonProperty("aws", jsonObject(
jsonProperty("responder_lambdas", jsonObject(
jsonProperty("lambda_names", jsonArray(
"sysdig-responder-lambda-1",
"sysdig-responder-lambda-2"
)),
jsonProperty("regions", jsonArray(
"us-east-1",
"us-west-2"
)),
jsonProperty("delegate_role_name", "sysdig-delegate-role")
))
))
)))
.build());
}
}
resources:
awsAccount:
type: sysdig:SecureCloudAuthAccount
name: aws_account
properties:
providerId: '123456789012'
providerType: PROVIDER_AWS
enabled: true
cloudResponder:
type: sysdig:SecureCloudAuthAccountComponent
name: cloud_responder
properties:
accountId: ${awsAccount.secureCloudAuthAccountId}
type: COMPONENT_CLOUD_RESPONDER
instance: cloud-responder
cloudResponderMetadata:
fn::toJSON:
aws:
responder_lambdas:
lambda_names:
- sysdig-responder-lambda-1
- sysdig-responder-lambda-2
regions:
- us-east-1
- us-west-2
delegate_role_name: sysdig-delegate-role
AWS Cloud Responder Roles Component
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const awsAccount = new sysdig.SecureCloudAuthAccount("aws_account", {
providerId: "123456789012",
providerType: "PROVIDER_AWS",
enabled: true,
});
const cloudResponderRoles = new sysdig.SecureCloudAuthAccountComponent("cloud_responder_roles", {
accountId: awsAccount.secureCloudAuthAccountId,
type: "COMPONENT_CLOUD_RESPONDER_ROLES",
instance: "cloud-responder",
cloudResponderRolesMetadata: JSON.stringify({
roles: [
{
aws: {
role_name: "sysdig-responder-role-1",
},
},
{
aws: {
role_name: "sysdig-responder-role-2",
},
},
{
aws: {
role_name: "sysdig-responder-role-3",
},
},
],
}),
});
import pulumi
import json
import pulumi_sysdig as sysdig
aws_account = sysdig.SecureCloudAuthAccount("aws_account",
provider_id="123456789012",
provider_type="PROVIDER_AWS",
enabled=True)
cloud_responder_roles = sysdig.SecureCloudAuthAccountComponent("cloud_responder_roles",
account_id=aws_account.secure_cloud_auth_account_id,
type="COMPONENT_CLOUD_RESPONDER_ROLES",
instance="cloud-responder",
cloud_responder_roles_metadata=json.dumps({
"roles": [
{
"aws": {
"role_name": "sysdig-responder-role-1",
},
},
{
"aws": {
"role_name": "sysdig-responder-role-2",
},
},
{
"aws": {
"role_name": "sysdig-responder-role-3",
},
},
],
}))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
awsAccount, err := sysdig.NewSecureCloudAuthAccount(ctx, "aws_account", &sysdig.SecureCloudAuthAccountArgs{
ProviderId: pulumi.String("123456789012"),
ProviderType: pulumi.String("PROVIDER_AWS"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"roles": []map[string]interface{}{
map[string]interface{}{
"aws": map[string]interface{}{
"role_name": "sysdig-responder-role-1",
},
},
map[string]interface{}{
"aws": map[string]interface{}{
"role_name": "sysdig-responder-role-2",
},
},
map[string]interface{}{
"aws": map[string]interface{}{
"role_name": "sysdig-responder-role-3",
},
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = sysdig.NewSecureCloudAuthAccountComponent(ctx, "cloud_responder_roles", &sysdig.SecureCloudAuthAccountComponentArgs{
AccountId: awsAccount.SecureCloudAuthAccountId,
Type: pulumi.String("COMPONENT_CLOUD_RESPONDER_ROLES"),
Instance: pulumi.String("cloud-responder"),
CloudResponderRolesMetadata: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var awsAccount = new Sysdig.SecureCloudAuthAccount("aws_account", new()
{
ProviderId = "123456789012",
ProviderType = "PROVIDER_AWS",
Enabled = true,
});
var cloudResponderRoles = new Sysdig.SecureCloudAuthAccountComponent("cloud_responder_roles", new()
{
AccountId = awsAccount.SecureCloudAuthAccountId,
Type = "COMPONENT_CLOUD_RESPONDER_ROLES",
Instance = "cloud-responder",
CloudResponderRolesMetadata = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["roles"] = new[]
{
new Dictionary<string, object?>
{
["aws"] = new Dictionary<string, object?>
{
["role_name"] = "sysdig-responder-role-1",
},
},
new Dictionary<string, object?>
{
["aws"] = new Dictionary<string, object?>
{
["role_name"] = "sysdig-responder-role-2",
},
},
new Dictionary<string, object?>
{
["aws"] = new Dictionary<string, object?>
{
["role_name"] = "sysdig-responder-role-3",
},
},
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureCloudAuthAccount;
import com.pulumi.sysdig.SecureCloudAuthAccountArgs;
import com.pulumi.sysdig.SecureCloudAuthAccountComponent;
import com.pulumi.sysdig.SecureCloudAuthAccountComponentArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var awsAccount = new SecureCloudAuthAccount("awsAccount", SecureCloudAuthAccountArgs.builder()
.providerId("123456789012")
.providerType("PROVIDER_AWS")
.enabled(true)
.build());
var cloudResponderRoles = new SecureCloudAuthAccountComponent("cloudResponderRoles", SecureCloudAuthAccountComponentArgs.builder()
.accountId(awsAccount.secureCloudAuthAccountId())
.type("COMPONENT_CLOUD_RESPONDER_ROLES")
.instance("cloud-responder")
.cloudResponderRolesMetadata(serializeJson(
jsonObject(
jsonProperty("roles", jsonArray(
jsonObject(
jsonProperty("aws", jsonObject(
jsonProperty("role_name", "sysdig-responder-role-1")
))
),
jsonObject(
jsonProperty("aws", jsonObject(
jsonProperty("role_name", "sysdig-responder-role-2")
))
),
jsonObject(
jsonProperty("aws", jsonObject(
jsonProperty("role_name", "sysdig-responder-role-3")
))
)
))
)))
.build());
}
}
resources:
awsAccount:
type: sysdig:SecureCloudAuthAccount
name: aws_account
properties:
providerId: '123456789012'
providerType: PROVIDER_AWS
enabled: true
cloudResponderRoles:
type: sysdig:SecureCloudAuthAccountComponent
name: cloud_responder_roles
properties:
accountId: ${awsAccount.secureCloudAuthAccountId}
type: COMPONENT_CLOUD_RESPONDER_ROLES
instance: cloud-responder
cloudResponderRolesMetadata:
fn::toJSON:
roles:
- aws:
role_name: sysdig-responder-role-1
- aws:
role_name: sysdig-responder-role-2
- aws:
role_name: sysdig-responder-role-3
Create SecureCloudAuthAccountComponent Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecureCloudAuthAccountComponent(name: string, args: SecureCloudAuthAccountComponentArgs, opts?: CustomResourceOptions);@overload
def SecureCloudAuthAccountComponent(resource_name: str,
args: SecureCloudAuthAccountComponentInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecureCloudAuthAccountComponent(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
type: Optional[str] = None,
instance: Optional[str] = None,
event_bridge_metadata: Optional[str] = None,
cloud_responder_roles_metadata: Optional[str] = None,
crypto_key_metadata: Optional[str] = None,
cloud_responder_metadata: Optional[str] = None,
cloud_logs_metadata: Optional[str] = None,
secure_cloud_auth_account_component_id: Optional[str] = None,
service_principal_metadata: Optional[str] = None,
timeouts: Optional[SecureCloudAuthAccountComponentTimeoutsArgs] = None,
trusted_role_metadata: Optional[str] = None,
cloud_connector_metadata: Optional[str] = None,
version: Optional[str] = None,
webhook_datasource_metadata: Optional[str] = None)func NewSecureCloudAuthAccountComponent(ctx *Context, name string, args SecureCloudAuthAccountComponentArgs, opts ...ResourceOption) (*SecureCloudAuthAccountComponent, error)public SecureCloudAuthAccountComponent(string name, SecureCloudAuthAccountComponentArgs args, CustomResourceOptions? opts = null)
public SecureCloudAuthAccountComponent(String name, SecureCloudAuthAccountComponentArgs args)
public SecureCloudAuthAccountComponent(String name, SecureCloudAuthAccountComponentArgs args, CustomResourceOptions options)
type: sysdig:SecureCloudAuthAccountComponent
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecureCloudAuthAccountComponentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecureCloudAuthAccountComponentInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecureCloudAuthAccountComponentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecureCloudAuthAccountComponentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecureCloudAuthAccountComponentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secureCloudAuthAccountComponentResource = new Sysdig.SecureCloudAuthAccountComponent("secureCloudAuthAccountComponentResource", new()
{
AccountId = "string",
Type = "string",
Instance = "string",
EventBridgeMetadata = "string",
CloudResponderRolesMetadata = "string",
CryptoKeyMetadata = "string",
CloudResponderMetadata = "string",
CloudLogsMetadata = "string",
SecureCloudAuthAccountComponentId = "string",
ServicePrincipalMetadata = "string",
Timeouts = new Sysdig.Inputs.SecureCloudAuthAccountComponentTimeoutsArgs
{
Create = "string",
Delete = "string",
Read = "string",
Update = "string",
},
TrustedRoleMetadata = "string",
CloudConnectorMetadata = "string",
Version = "string",
WebhookDatasourceMetadata = "string",
});
example, err := sysdig.NewSecureCloudAuthAccountComponent(ctx, "secureCloudAuthAccountComponentResource", &sysdig.SecureCloudAuthAccountComponentArgs{
AccountId: pulumi.String("string"),
Type: pulumi.String("string"),
Instance: pulumi.String("string"),
EventBridgeMetadata: pulumi.String("string"),
CloudResponderRolesMetadata: pulumi.String("string"),
CryptoKeyMetadata: pulumi.String("string"),
CloudResponderMetadata: pulumi.String("string"),
CloudLogsMetadata: pulumi.String("string"),
SecureCloudAuthAccountComponentId: pulumi.String("string"),
ServicePrincipalMetadata: pulumi.String("string"),
Timeouts: &sysdig.SecureCloudAuthAccountComponentTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
Read: pulumi.String("string"),
Update: pulumi.String("string"),
},
TrustedRoleMetadata: pulumi.String("string"),
CloudConnectorMetadata: pulumi.String("string"),
Version: pulumi.String("string"),
WebhookDatasourceMetadata: pulumi.String("string"),
})
var secureCloudAuthAccountComponentResource = new SecureCloudAuthAccountComponent("secureCloudAuthAccountComponentResource", SecureCloudAuthAccountComponentArgs.builder()
.accountId("string")
.type("string")
.instance("string")
.eventBridgeMetadata("string")
.cloudResponderRolesMetadata("string")
.cryptoKeyMetadata("string")
.cloudResponderMetadata("string")
.cloudLogsMetadata("string")
.secureCloudAuthAccountComponentId("string")
.servicePrincipalMetadata("string")
.timeouts(SecureCloudAuthAccountComponentTimeoutsArgs.builder()
.create("string")
.delete("string")
.read("string")
.update("string")
.build())
.trustedRoleMetadata("string")
.cloudConnectorMetadata("string")
.version("string")
.webhookDatasourceMetadata("string")
.build());
secure_cloud_auth_account_component_resource = sysdig.SecureCloudAuthAccountComponent("secureCloudAuthAccountComponentResource",
account_id="string",
type="string",
instance="string",
event_bridge_metadata="string",
cloud_responder_roles_metadata="string",
crypto_key_metadata="string",
cloud_responder_metadata="string",
cloud_logs_metadata="string",
secure_cloud_auth_account_component_id="string",
service_principal_metadata="string",
timeouts={
"create": "string",
"delete": "string",
"read": "string",
"update": "string",
},
trusted_role_metadata="string",
cloud_connector_metadata="string",
version="string",
webhook_datasource_metadata="string")
const secureCloudAuthAccountComponentResource = new sysdig.SecureCloudAuthAccountComponent("secureCloudAuthAccountComponentResource", {
accountId: "string",
type: "string",
instance: "string",
eventBridgeMetadata: "string",
cloudResponderRolesMetadata: "string",
cryptoKeyMetadata: "string",
cloudResponderMetadata: "string",
cloudLogsMetadata: "string",
secureCloudAuthAccountComponentId: "string",
servicePrincipalMetadata: "string",
timeouts: {
create: "string",
"delete": "string",
read: "string",
update: "string",
},
trustedRoleMetadata: "string",
cloudConnectorMetadata: "string",
version: "string",
webhookDatasourceMetadata: "string",
});
type: sysdig:SecureCloudAuthAccountComponent
properties:
accountId: string
cloudConnectorMetadata: string
cloudLogsMetadata: string
cloudResponderMetadata: string
cloudResponderRolesMetadata: string
cryptoKeyMetadata: string
eventBridgeMetadata: string
instance: string
secureCloudAuthAccountComponentId: string
servicePrincipalMetadata: string
timeouts:
create: string
delete: string
read: string
update: string
trustedRoleMetadata: string
type: string
version: string
webhookDatasourceMetadata: string
SecureCloudAuthAccountComponent Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecureCloudAuthAccountComponent resource accepts the following input properties:
- Account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- Instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- Type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - Cloud
Connector stringMetadata - Cloud
Logs stringMetadata - Cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- Cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - Crypto
Key stringMetadata - Event
Bridge stringMetadata - Secure
Cloud stringAuth Account Component Id - Service
Principal stringMetadata - Timeouts
Secure
Cloud Auth Account Component Timeouts - Trusted
Role stringMetadata - Version string
- Webhook
Datasource stringMetadata
- Account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- Instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- Type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - Cloud
Connector stringMetadata - Cloud
Logs stringMetadata - Cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- Cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - Crypto
Key stringMetadata - Event
Bridge stringMetadata - Secure
Cloud stringAuth Account Component Id - Service
Principal stringMetadata - Timeouts
Secure
Cloud Auth Account Component Timeouts Args - Trusted
Role stringMetadata - Version string
- Webhook
Datasource stringMetadata
- account
Id String - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- instance String
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- type String
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - cloud
Connector StringMetadata - cloud
Logs StringMetadata - cloud
Responder StringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder StringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key StringMetadata - event
Bridge StringMetadata - secure
Cloud StringAuth Account Component Id - service
Principal StringMetadata - timeouts
Secure
Cloud Auth Account Component Timeouts - trusted
Role StringMetadata - version String
- webhook
Datasource StringMetadata
- account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - cloud
Connector stringMetadata - cloud
Logs stringMetadata - cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key stringMetadata - event
Bridge stringMetadata - secure
Cloud stringAuth Account Component Id - service
Principal stringMetadata - timeouts
Secure
Cloud Auth Account Component Timeouts - trusted
Role stringMetadata - version string
- webhook
Datasource stringMetadata
- account_
id str - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- instance str
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- type str
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - cloud_
connector_ strmetadata - cloud_
logs_ strmetadata - cloud_
responder_ strmetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud_
responder_ strroles_ metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto_
key_ strmetadata - event_
bridge_ strmetadata - secure_
cloud_ strauth_ account_ component_ id - service_
principal_ strmetadata - timeouts
Secure
Cloud Auth Account Component Timeouts Args - trusted_
role_ strmetadata - version str
- webhook_
datasource_ strmetadata
- account
Id String - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- instance String
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- type String
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - cloud
Connector StringMetadata - cloud
Logs StringMetadata - cloud
Responder StringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder StringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key StringMetadata - event
Bridge StringMetadata - secure
Cloud StringAuth Account Component Id - service
Principal StringMetadata - timeouts Property Map
- trusted
Role StringMetadata - version String
- webhook
Datasource StringMetadata
Outputs
All input properties are implicitly available as output properties. Additionally, the SecureCloudAuthAccountComponent resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SecureCloudAuthAccountComponent Resource
Get an existing SecureCloudAuthAccountComponent resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecureCloudAuthAccountComponentState, opts?: CustomResourceOptions): SecureCloudAuthAccountComponent@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
cloud_connector_metadata: Optional[str] = None,
cloud_logs_metadata: Optional[str] = None,
cloud_responder_metadata: Optional[str] = None,
cloud_responder_roles_metadata: Optional[str] = None,
crypto_key_metadata: Optional[str] = None,
event_bridge_metadata: Optional[str] = None,
instance: Optional[str] = None,
secure_cloud_auth_account_component_id: Optional[str] = None,
service_principal_metadata: Optional[str] = None,
timeouts: Optional[SecureCloudAuthAccountComponentTimeoutsArgs] = None,
trusted_role_metadata: Optional[str] = None,
type: Optional[str] = None,
version: Optional[str] = None,
webhook_datasource_metadata: Optional[str] = None) -> SecureCloudAuthAccountComponentfunc GetSecureCloudAuthAccountComponent(ctx *Context, name string, id IDInput, state *SecureCloudAuthAccountComponentState, opts ...ResourceOption) (*SecureCloudAuthAccountComponent, error)public static SecureCloudAuthAccountComponent Get(string name, Input<string> id, SecureCloudAuthAccountComponentState? state, CustomResourceOptions? opts = null)public static SecureCloudAuthAccountComponent get(String name, Output<String> id, SecureCloudAuthAccountComponentState state, CustomResourceOptions options)resources: _: type: sysdig:SecureCloudAuthAccountComponent get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- Cloud
Connector stringMetadata - Cloud
Logs stringMetadata - Cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- Cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - Crypto
Key stringMetadata - Event
Bridge stringMetadata - Instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- Secure
Cloud stringAuth Account Component Id - Service
Principal stringMetadata - Timeouts
Secure
Cloud Auth Account Component Timeouts - Trusted
Role stringMetadata - Type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - Version string
- Webhook
Datasource stringMetadata
- Account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- Cloud
Connector stringMetadata - Cloud
Logs stringMetadata - Cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- Cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - Crypto
Key stringMetadata - Event
Bridge stringMetadata - Instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- Secure
Cloud stringAuth Account Component Id - Service
Principal stringMetadata - Timeouts
Secure
Cloud Auth Account Component Timeouts Args - Trusted
Role stringMetadata - Type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - Version string
- Webhook
Datasource stringMetadata
- account
Id String - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- cloud
Connector StringMetadata - cloud
Logs StringMetadata - cloud
Responder StringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder StringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key StringMetadata - event
Bridge StringMetadata - instance String
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- secure
Cloud StringAuth Account Component Id - service
Principal StringMetadata - timeouts
Secure
Cloud Auth Account Component Timeouts - trusted
Role StringMetadata - type String
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - version String
- webhook
Datasource StringMetadata
- account
Id string - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- cloud
Connector stringMetadata - cloud
Logs stringMetadata - cloud
Responder stringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder stringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key stringMetadata - event
Bridge stringMetadata - instance string
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- secure
Cloud stringAuth Account Component Id - service
Principal stringMetadata - timeouts
Secure
Cloud Auth Account Component Timeouts - trusted
Role stringMetadata - type string
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - version string
- webhook
Datasource stringMetadata
- account_
id str - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- cloud_
connector_ strmetadata - cloud_
logs_ strmetadata - cloud_
responder_ strmetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud_
responder_ strroles_ metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto_
key_ strmetadata - event_
bridge_ strmetadata - instance str
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- secure_
cloud_ strauth_ account_ component_ id - service_
principal_ strmetadata - timeouts
Secure
Cloud Auth Account Component Timeouts Args - trusted_
role_ strmetadata - type str
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - version str
- webhook_
datasource_ strmetadata
- account
Id String - Cloud Account created using resource sysdig_secure_cloud_auth_account.
- cloud
Connector StringMetadata - cloud
Logs StringMetadata - cloud
Responder StringMetadata - Metadata for
COMPONENT_CLOUD_RESPONDERtype. Configures the Lambda functions and IAM roles for automated response actions. Required fields:aws.responder_lambdas.lambda_names- List of Lambda function names to use for response actionsaws.responder_lambdas.regions- List of AWS regions where the responder is deployedaws.responder_lambdas.delegate_role_name- IAM role name that the responder assumes
- cloud
Responder StringRoles Metadata - Metadata for
COMPONENT_CLOUD_RESPONDER_ROLEStype. Defines the IAM roles that can be assumed for response actions. Required fields: - crypto
Key StringMetadata - event
Bridge StringMetadata - instance String
- The component instance to be created, identified by a specific string. e.g.
secure-posture,secure-runtime,cloud-responder, etc.<component>_metadata- (Optional) Based on the component type created, this is the metadata information passed to enable the component on the account.
- secure
Cloud StringAuth Account Component Id - service
Principal StringMetadata - timeouts Property Map
- trusted
Role StringMetadata - type String
- The type of component to be created. e.g.
COMPONENT_SERVICE_PRINCIPAL. - version String
- webhook
Datasource StringMetadata
Supporting Types
SecureCloudAuthAccountComponentTimeouts, SecureCloudAuthAccountComponentTimeoutsArgs
Package Details
- Repository
- sysdig sysdiglabs/terraform-provider-sysdig
- License
- Notes
- This Pulumi package is based on the
sysdigTerraform Provider.
sysdig 3.3.1 published on Friday, Dec 12, 2025 by sysdiglabs
